Your server is the heart of your business network. When something goes wrong, you lose access to key resources while productivity, customer service, and your bottom line suffer. Yet many businesses inadvertently compromise the security of their servers, leaving them vulnerable to hacker attacks, internal security issues or even simple power outages.
So is your server at risk?
Here are 8 things you may be forgetting that could be compromising your server’s security.
1. Server Backup
While most businesses understand the necessity of backing up their important documents and files, many don’t think to create a backup of their entire server. What they don’t realize is that having a backup of your vital data won’t help much if you need to rebuild your server from scratch.
Without a complete image of your server, all of the software, permissions, and server settings will be lost in the event of a server crash. In this situation, it could take more than a week to restore your server to working order. It takes time to install the operating system, apply patches and updates, recreate file permissions, set up the email server and printer configurations, and more.
In the meantime, employees might not be able to access email or print documents. Vital file permissions are often lost, preventing employees from accessing important data.
Even after the server is up and running again, it can take several more days to work out all the little glitches and problems that often pop up.
So how can you avoid this?
Use imaging software to create a complete image of your server. A server image is a complete picture of everything that is on the server including installed software, settings, permissions, printer configurations and much more. In the event of a server crash, the backup image can be restored to a new server in a matter of hours, preserving all your vital settings and getting everyone back to work much faster.
Plus, your image software can also save all your vital documents, files and data, making it a complete backup solution. Whether you need to restore a single document or the entire server, you’ll be covered.
Fortunately, there are affordable server imaging solutions available that can save an image of your server on-site for convenience and offsite, in the cloud, in case of fire, flood, theft or natural disaster. Creating an image of your server could be one of the best investments you make for your server security this year.
2. Test Your Backup System
Many companies that have a server backup system in place don’t test the backup process and often find out too late that the system is not working as it should. Scheduling periodic tests for your backup system is a wise investment of time and resources that you can’t afford to skip.
To test your system, start by attempting to restore a single file to a different location. If you have an image backup system as described in the last tip, you should also test the entire system restore process to be sure it is working as expected.
Your backup software may already have a testing system in place to verify your backups on a regular basis. The Datto backup system that EZSolution uses on many of our clients’ server systems, for example, performs such backup tests.
If you’re not testing your backups on a regular basis, get this vital task on your to-do list as soon as possible to be sure your backup system will be there when you need it most.
3. Configure Server Security Settings
Many companies are diligent about securing their server from hacker attacks and viruses, but neglect internal security. We often talk with businesses that have a single set of administrator permissions set up on their servers, allowing everyone in the company to access all the server’s resources.
This means that everyone could potentially access financial records, employee social security numbers, salary information, and other sensitive data that they don’t need to access.
To combat this issue, we recommend setting up a tiered permission structure, giving access to each user based on what they need to do their jobs and no more.
A general file structure might include:
- HR files
  Accessible only to the HR department, managers, and company executives
- Financial documents
  Accessible only to the accounting department and company executives
- Executive files
  Accessible only to executive staff and the company owner
- General office files
  Accessible to employees in every department
You may also create additional file structures that relate to your specific business and assign permissions to those files as appropriate. The point is to ensure that vital information is handled appropriately and only seen by those who actually need to see it. This adds an additional layer of security against outside attacks and prevents many internal security breaches as well.
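One way to check an existing server against a tiered structure like this is to compare who can actually reach each folder with who the policy says should. The following is an added example, not from the original article: the folder names, group names, users and exported grants are all constructed for illustration.

```python
ALL = "*"  # marker meaning "every employee"

# The article's tiered structure; folder and group names are assumed for illustration.
POLICY = {
    "HR": {"HR", "Managers", "Executives"},
    "Finance": {"Accounting", "Executives"},
    "Executive": {"Executives", "Owner"},
    "General": {ALL},
}

def excess_access(policy, folder_grants, memberships):
    """Return sorted (user, folder, granting_groups) for every case where a user
    can reach a folder through some group, yet none of the user's groups is
    allowed on that folder by policy."""
    findings = []
    for user, groups in memberships.items():
        for folder, granted in folder_grants.items():
            via = groups & granted               # groups that actually open the folder
            allowed = policy.get(folder, set())  # folder not in policy: nobody is justified
            if via and ALL not in allowed and not (groups & allowed):
                findings.append((user, folder, tuple(sorted(via))))
    return sorted(findings)

# Constructed sample: grants as they might look on a server where an
# "Administrators" group was added to every folder and handed to ordinary staff.
FOLDER_GRANTS = {
    "HR": {"HR", "Managers", "Executives", "Administrators"},
    "Finance": {"Accounting", "Executives", "Administrators"},
    "Executive": {"Executives", "Owner", "Administrators"},
    "General": {"Staff", "HR", "Accounting", "Managers", "Executives", "Owner",
                "Administrators"},
}
MEMBERSHIPS = {
    "alice": {"HR", "Administrators"},
    "bob": {"Staff", "Administrators"},
    "carol": {"Accounting"},
    "dave": {"Executives"},
}

if __name__ == "__main__":
    for user, folder, via in excess_access(POLICY, FOLDER_GRANTS, MEMBERSHIPS):
        print(f"{user} can open {folder} via {', '.join(via)}; policy does not allow it")
```

In the sample, the shared "Administrators" membership is what lets alice and bob reach folders outside their roles, which is the single-set-of-administrator-permissions problem described in this section.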
4. Check Your Administrator Password
Some businesses leave their server open to both internal and external security threats by using an administrator password that is not complex enough. It is not uncommon to find an entire server protected by a password like “password” or “123456.” Your security is only as strong as its weakest link, so great care should be taken to ensure all the passwords on your network are not easy to guess or crack. This is particularly important for your domain administrator password, which provides access to all the vital resources on your server.
All of the passwords you use should contain at least eight characters and include at least one letter, one number, and one symbol. The easiest way to accomplish this is to create a password out of an easy-to-remember phrase such as “I Love Football” and turn it into a complex password by substituting symbols and numbers for letters in the phrase.
In this example, our simple phrase could become:
Il0v3f00tb@ll!
Easy to remember, but complex enough so it isn’t easy to crack.
In addition, you should limit the number of people who know your server administrator password for additional security. Only those who need to have access to the entire server should know this password. This might include company executives and your IT provider.
If you have outside vendors that need to access your server, assign them permissions under their own username and don’t divulge your main administrator password. This way, if you discontinue working with a company, you won’t have to change your main administrator password. You can simply delete their company user account to prevent further access.
5. Perform Regular Updates
One of the best things you can do to ensure the security of your server is to download and install operating system and software updates as they become available. Failure to do this leaves your server open to vulnerabilities that hackers can exploit to gain access to your system.
Get in the habit of performing regular updates as soon as they come out to ensure your server is protected.
6. Utilize Anti-Virus Protection
Are you running anti-virus software on your server? Many businesses start out with an anti-virus software package on their servers and then don’t renew the subscription when it expires. Out-of-date anti-virus software leaves your server open to viruses and spyware that can compromise system security.
While anti-virus software is not a complete solution, it is an important layer of protection that no server should be without. Make sure you have reliable anti-virus software installed on your server and keep it up-to-date to combat the latest viruses and threats.
7. Add a Reliable Battery Backup Solution
One area of server security that is most often overlooked is the addition of battery backup. This simple tool provides power to your server in the event of a sudden power outage, allowing your server adequate time to shut down properly. This prevents sudden shutdowns that can cause data corruption or damage to server components.
Battery backup systems are inexpensive and usually provide 5 to 10 minutes of power during an outage. If the power goes off and comes right back on, your server will keep running normally. If the power is out longer, the server will shut itself down properly, performing all the necessary housekeeping functions to keep your server safe.
8. Keep Your Server Under Lock & Key
With all the emphasis on internal security and preventing hacker attacks, many businesses forget that they need to protect the physical server itself. So in the event of a burglary, they make it just as easy to steal their server as it is to take all the other equipment in their building.
One of the best security measures you can take to protect your server is to keep it under lock and key in a separate location in your building. A single server can be housed in a locked storage closet. Several servers might require a room of their own. In the event of a break-in, this extra layer of security makes it more difficult for a thief to get to your server and may deter the theft altogether.
Keys to the server room or storage location should be assigned only to those who need to access the server.
Keeping your server isolated from the regular office environment also keeps curious employees or clients away from your server and prevents inadvertent damage.
So how does your server security stack up to this list? Chances are you found at least one area where you can improve your server security. If you need help implementing any of the tips we mentioned, we’d be happy to schedule a free security assessment to evaluate your current system and recommend solutions to keep your server safe. Just call 717-291-0370 for more information.