All about security – 10 security rules to follow when navigating Microsoft’s server systems
When it comes to data hosting, security is one of the most important challenges for businesses to overcome. The administrators that manage the server infrastructure, whether this happens in-house or with a service provider, need to ensure that they familiarise themselves with the most up to date security mechanisms, and are continuously developing their skills and knowledge in this area.
Together with our partner Microsoft, we have put together a helpful guide of the top ten most important security tips to follow when using a Microsoft Server, which will provide IT administrators and developers with practical tips and helpful guidelines when it comes to securing their servers. In this blog post we give a brief overview of each of these security rules – as well as links to further information and materials for a more in depth look at this topic.
Windows Server Security Rule 1: Increase Authentication Security
Authentication is an essential but nevertheless critical point in the protection of IT systems, but this topic often has less priority. Therefore, rule 1 focuses on password security and setting up a temporary log-lock – as well as advice on creating a strong and complex password.
Windows Server Security Rule 2: Protect your data through encryption
Protecting the data on your server through encryption is an essential part of the security process. We talk you through the various data types and outline a step-by-step guide for optimal encryption for each data type in rule number 2.
Windows Server Security Rule 3: Patch Management is mandatory!
Need help with patch management? We show you how to become a patch professional with this list of ten best practice examples. Rule 3 covers some basic security best practices that will help increase the overall security of your system.
Windows Server Security Rule 4: Attack Surface Reduction (ASR)
Windows Server Security Rule 5: Use Exploit Mitigation Technologies
“Exploit Mitigation” technologies will prevent exploit attacks occurring on your system. With best practices and detailed tutorials in rule 5, we show you how to use Data Execution Prevention (DEP) and Address Space Layout Randomization (ALSR) to your advantage.
Windows Server Security Rule 6: Install Anti-Virus / Anti-Malware software
Is your server protected with Anti-Virus / Anti-Malware software? –We explain to you the importance of having this installed and the importance of ensuring that it is regularly updated in rule 6.
Windows Server Security Rule 7: Apply the Principle of Least Privilege
Do you know the principle of minimum rights allocation? In rule 7 we talk you through the process of minimum rights allocation, and show you how to secure your server by means of a graduated rights system.
Windows Server Security Rule 8: Harden your application
Improve the safety of you applications by testing them for security risks. We explain what you can do in order to keep potential risks as low as possible in rule number 8.
Windows Server Security Rule 9: Detection and Notifications
Prevention is better than aftercare – you should ensure that security risks for your system are already in check before it is too late. Our security rule number 9 shows you how to always be on the safe side.
Windows Server Security Rule 10: Use Common Sense – Security Awareness
Technical tools are only part of the solution when it comes to security. Making sure you employees understand the risks and are familiar with securing data is of equal importance. Not only technical tools can be used to secure your system. An important point is also to sensitize employees to the importance of this topic. We go through this in further detail in the last part of the series, rule number 10.
For more information, please visit our 1&1 Cloud Community – our server experts will be happy to help you with questions about these rules, as well as various other topics that are helpful to SMBs.