The 8 biggest server security Blunders

With the cost of attacks rising all the time, security isn't an area to cut costs or lose focus, and servers deserve the most attention of all. The consequences range from the annoyance of wasted resources through crypto-mining to the existential threat of a catastrophic data leak.

In this blog, we'll look at seven of the most common reasons why your servers are at risk from eavesdropping, data leaks and malware, and what to do about each.


Servers are the nerve center of companies, hosting client data, apps, and local networks. Without them, few companies can survive for long, so let's explore some of their key vulnerabilities, and offer workable solutions.


Your Backup Policy Doesn’t Go Far Enough

When servers fail, or are hit by ransomware or other malware, backup policies come into their own. Most crisis-management protocols include some degree of backup, but it isn't always enough to rebuild servers if the worst happens.

In fact, in many cases, companies choose to cut corners, copying what they deem to be "critical data" while essentially leaving everything else to burn should the servers fail.

This is a false economy, for a number of reasons. Most importantly, when that data is gone you'll need to rebuild the server infrastructure completely, not just restore a few files.

Think about what that entails. Permissions will need to be carefully reconstructed to ensure security and efficiency, and apps will need to be configured (you may need third-party assistance to do so).

Patches need to be present and correct, and it's likely that a completely fresh OS installation will be required.

That doesn't just entail hard work and financial cost. It's also a massive waste of time.

So rule number one is simple: if you skimp on server backups, you put yourself at financial and operational risk. It's worth going the extra mile to back up comprehensively: full system state, not just "critical data", with at least one copy kept off-host and offline so that whatever hits the server cannot reach it, and with restores tested regularly, because a backup you have never restored is not yet a backup.
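As an added example (not the original post's code), here is a small backup-and-restore-test routine in shell that captures what a "critical data only" copy loses: file modes and ownership, the installed package list, and a checksum so the archive can be verified before you need it. It assumes GNU tar, find and sha256sum; the source and destination directories are caller-supplied, so in production the source would be / with the usual pseudo-filesystems excluded and the destination a mount that is synced off-host.

```bash
#!/usr/bin/env bash
# Added example, not the original post's code. Assumes GNU tar/find/sha256sum.
# In production SRC would be / (excluding /proc /sys /dev /run /tmp) and DEST
# a mount that is synced off-host; here both are supplied by the caller.

# tree_digest DIR: one "mode sha256 relpath" line per regular file, sorted,
# so two trees can be compared for both content and permissions.
tree_digest() {
    ( cd "$1" && find . -type f -printf '%m %p\n' | sort |
        while read -r mode path; do
            printf '%s %s %s\n' "$mode" "$(sha256sum "$path" | cut -d' ' -f1)" "$path"
        done )
}

# make_backup SRC DEST: archive SRC plus the package list and an owner/mode
# listing, write a checksum next to the archive, print the archive path.
make_backup() {
    src=$1; dest=$2
    stamp=$(date -u +%Y%m%dT%H%M%SZ)
    name="backup-$stamp.tar.gz"
    mkdir -p "$dest"
    # Package list: reinstalling the OS is far quicker when you know what was on it.
    if command -v dpkg-query >/dev/null 2>&1; then
        dpkg-query -W -f='${Package}\t${Version}\n' > "$dest/packages-$stamp.txt"
    fi
    # Owner, group and mode of every path; a plain copy of "critical files" drops these.
    find "$src" -printf '%m %u %g %p\n' | sort > "$dest/perms-$stamp.txt"
    tar --create --gzip --file "$dest/$name" -C "$src" .
    # The checksum file names the archive relatively so it stays valid after
    # the pair is copied off-host.
    ( cd "$dest" && sha256sum "$name" > "$name.sha256" )
    printf '%s\n' "$dest/$name"
}

# verify_backup ARCHIVE SRC: returns 0 only if the checksum still matches and
# a trial restore reproduces every file's content and mode. Run it on every
# backup; an archive that has never been restored is a hope, not a backup.
verify_backup() {
    archive=$1; src=$2
    ( cd "$(dirname "$archive")" &&
      sha256sum --check --status "$(basename "$archive").sha256" ) || return 1
    scratch=$(mktemp -d)
    # -p restores modes exactly instead of applying the umask
    if ! tar --extract --gzip -p --file "$archive" -C "$scratch" 2>/dev/null; then
        rm -rf "$scratch"; return 1
    fi
    if [ "$(tree_digest "$src")" = "$(tree_digest "$scratch")" ]; then
        rm -rf "$scratch"; return 0
    fi
    rm -rf "$scratch"; return 1
}

# Usage: archive=$(make_backup /srv/app /mnt/backups) && verify_backup "$archive" /srv/app
```

The archive written here is only the first leg of a sane policy: copy it (and the checksum) to a second location that the server cannot write to, and keep the verify step in the same cron job so a silently corrupt backup is noticed the day it happens, not the day it is needed.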



You Don’t Have a VPN Installed

Virtual Private Networks are an indispensable tool for server management, and for good reason.

A VPN uses a tunnelling protocol (WireGuard, IPsec or OpenVPN, for example) to carry traffic between your administrators and your servers inside an encrypted, authenticated tunnel. An eavesdropper on the path can still see that the two endpoints are talking, but not what they are saying, and cannot inject or tamper with packets without the keys. "Military-grade encryption" is marketing language; what matters is a modern, well-reviewed protocol with current keys.

The bigger win for a server is what the VPN lets you stop exposing. Once administrative access (SSH, RDP, database consoles, monitoring dashboards) is reachable only through the tunnel, those services disappear from the public internet altogether, which takes them out of reach of speculative scanning and brute-force attacks at first base.

A VPN won't mitigate every risk: it does nothing against a compromised administrator laptop, and it is no substitute for patching the services behind it. But it is a good start.

If you buy VPN service from a commercial provider rather than running your own endpoint, stick to reputable providers with a strong, independently audited record of keeping no logs; many operators also prefer providers based outside the "14 Eyes" intelligence-sharing countries.

The cheapest VPNs are rarely the best, although even premium services offer good deals, so shop around. And ask how they handle server-to-server and site-to-site connections; good companies will be ready to field technical inquiries.
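The following is an added example in shell, not code from the original post, that turns the point above into a check: it reads listening sockets in the format that `ss -ltnH` prints and flags administrative services bound to every interface instead of to loopback or the VPN address. The VPN address 10.8.0.1, the management-port list and the sample socket lines are all constructed for the example.

```bash
#!/usr/bin/env bash
# Added example, not the original post's code.
# Assumed: the server's VPN-side address and the set of ports that should only
# ever be reachable over the tunnel (SSH, database and cache consoles, VNC ...).
VPN_ADDR=${VPN_ADDR:-10.8.0.1}
MGMT_PORTS="22 3306 5432 6379 27017 9200 5900"

# exposed_mgmt_ports: reads `ss -ltnH` lines (State Recv-Q Send-Q Local:Port
# Peer:Port) on stdin; prints "port address" for each management port bound to
# a wildcard (0.0.0.0, [::], *) or to any address other than loopback / VPN.
exposed_mgmt_ports() {
    awk -v ports="$MGMT_PORTS" -v vpn="$VPN_ADDR" '
    BEGIN { n = split(ports, p, " "); for (k = 1; k <= n; k++) mgmt[p[k]] = 1 }
    $1 == "LISTEN" {
        la = $4
        # the port is whatever follows the last colon, so [::]:22 parses too
        pos = match(la, /:[0-9]+$/)
        if (pos == 0) next
        port = substr(la, pos + 1)
        addr = substr(la, 1, pos - 1)
        if (!(port in mgmt)) next
        if (addr == "127.0.0.1" || addr == "[::1]" || addr == vpn) next
        print port, addr
    }'
}

# check_live: run the check against this host; returns 1 if anything is exposed,
# which makes it usable from cron or a monitoring agent.
check_live() {
    command -v ss >/dev/null 2>&1 || { echo "ss not available" >&2; return 2; }
    found=$(ss -ltnH | exposed_mgmt_ports)
    if [ -z "$found" ]; then
        return 0
    fi
    printf 'management port exposed outside VPN/loopback:\n%s\n' "$found" >&2
    return 1
}

# Constructed sample, as `ss -ltnH` would print it on a misconfigured host:
# SSH and PostgreSQL listen on every interface, MySQL on loopback, Redis on the
# VPN address, and 443 is a public service that is allowed to be exposed.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
LISTEN 0 128 10.8.0.1:6379 0.0.0.0:*
LISTEN 0 128 [::]:5432 [::]:*'

printf '%s\n' "$SAMPLE_SS" | exposed_mgmt_ports
```

The fix for each line it prints is either to bind the service to the VPN or loopback address in its own configuration (`ListenAddress` for sshd, `bind-address` for MySQL, `bind` for Redis) or to drop inbound traffic to that port from anything but the VPN interface at the host firewall. Binding is the stronger of the two because it survives a firewall rule being flushed.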



Servers Aren’t Physically Secured

This one is obvious, so obvious that it’s the kind of issue that many companies forget about. Servers need to be physically secured, to prevent theft.

Additionally, if unauthorized individuals have physical access to servers, they can inject malware, sabotage systems, and transfer data fairly easily. So it’s always essential to minimize security risks wherever possible.

As a general rule, it's a good idea to keep servers physically separate from the rest of the office and its network equipment. This doesn't mean building a separate unit outside your premises with Fort Knox-level security.

Usually it will be enough to place servers in a locked room or inside secure cabinets, closed with reliable locks or biometric access control.

Only a few members of staff should have access to server infrastructure, and every physical access should be logged in a central register.

It's probably a good idea to use surveillance cameras or motion sensors around sensitive equipment as well. Given the risks involved in data leaks and system failure, it's a price worth paying.


Servers Haven’t Been Regularly Updated and Patched

Applying patches as soon as they become available is an absolute must for server security. We've seen this time and again, with massive costs for businesses that were tardy with their update policy.

The WannaCry outbreak of May 2017 spread using EternalBlue, an exploit for a flaw in Microsoft's SMBv1 implementation (Server Message Block). Microsoft had fixed the flaw in March 2017 with the MS17-010 update, two months before the worm appeared.

The same weakness was used a month later by NotPetya, destructive malware dressed up as ransomware, which cost Danish shipping giant Maersk alone some $300 million.

Cryptocurrency-mining malware has also used the same vulnerability to install miners on unpatched servers, which quietly sap your CPU and network resources.

In all of these cases the damage could have been avoided by applying the patch that was already available, but companies delayed.

The same happened to Equifax, which leaked the personal data of roughly 147 million people in 2017 through an Apache Struts vulnerability (CVE-2017-5638) that had been patched months earlier. Do you want to end up like those organizations? If so, fumbling the ball on server updates is a great way to succeed.
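Here is an added shell example (not the original post's code) of the two checks that catch the "we delayed" pattern on a Debian or Ubuntu server: which pending upgrades come from the security pocket, and whether the kernel actually running is the newest one installed, since a kernel patch does nothing until the reboot. It parses the output format of `apt list --upgradable` and the names of the `vmlinuz-*` files in /boot; the sample lines and version numbers are constructed.

```bash
#!/usr/bin/env bash
# Added example, not the original post's code. Targets Debian/Ubuntu; the RHEL
# equivalents are `dnf updateinfo list --security` and `needs-restarting -r`.

# security_pending: stdin = `apt list --upgradable` output; prints the names of
# packages whose candidate version comes from a "-security" suite. apt may list
# several suites separated by commas, hence the (,|$).
security_pending() {
    awk -F'[/ ]' '$2 ~ /-security(,|$)/ { print $1 }'
}

# reboot_needed RUNNING: stdin = installed kernel image names (vmlinuz-...);
# returns 0 when the newest installed kernel is not the one running.
reboot_needed() {
    newest=$(sed 's/^vmlinuz-//' | sort -V | tail -n 1)
    [ -n "$newest" ] && [ "$newest" != "$1" ]
}

# patch_status: live check for cron. Exit 2 = security updates pending,
# 1 = newer kernel installed but not booted, 0 = nothing to do.
patch_status() {
    if command -v apt >/dev/null 2>&1; then
        pending=$(apt list --upgradable 2>/dev/null | security_pending)
        if [ -n "$pending" ]; then
            printf 'security updates pending:\n%s\n' "$pending"
            return 2
        fi
    fi
    if ls /boot/vmlinuz-* >/dev/null 2>&1 &&
       ls /boot/vmlinuz-* | xargs -n1 basename | reboot_needed "$(uname -r)"; then
        echo "newer kernel installed, reboot required"
        return 1
    fi
    echo "up to date"
    return 0
}

# Constructed sample of `apt list --upgradable`; the version strings are
# placeholders in the real format, not actual package versions.
SAMPLE_APT='Listing...
openssl/jammy-security 3.0.2-0ubuntu1.99 amd64 [upgradable from: 3.0.2-0ubuntu1.98]
curl/jammy-updates 7.81.0-1ubuntu1.99 amd64 [upgradable from: 7.81.0-1ubuntu1.98]
linux-image-generic/jammy-security 5.15.0.99.99 amd64 [upgradable from: 5.15.0.98.98]'

printf '%s\n' "$SAMPLE_APT" | security_pending
```

Run `patch_status` from cron and alert on a non-zero exit; pair it with unattended-upgrades (or the distribution's equivalent) for the security pocket so the common case needs no human at all, and reserve manual change windows for the reboot.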



Your Password Security Isn’t as Secure as it Should Be

Server passwords are another core vulnerability that every administrator knows about, yet they can take second place to more glamorous, complex threats.

The problem takes a few forms. Shared local administrator passwords, for instance, have been flagged as a particular risk by security analysts.

When Windows is rolled out to many machines from the same image, technicians often leave every machine with the same local administrator password. Windows 10 is the usual example, but the same thing happens with cloned Linux images that all keep one root password.

Once an attacker guesses, brute-forces or steals that one password, it works on every machine that shares it, turning a single compromised workstation into a foothold on all of them, your servers included. Microsoft's LAPS (Local Administrator Password Solution) exists precisely to give each machine a unique, automatically rotated local administrator password.

Alternatively, attackers may simply obtain the root or administrator credential for the server itself, giving them direct access to your data. So use long, unique passwords everywhere, and for SSH prefer key-based authentication with password logins disabled, plus multi-factor authentication wherever the service supports it. Change a password as soon as you have any reason to think it has been exposed; NIST's current guidance (SP 800-63B) no longer recommends forced periodic rotation, because it pushes people towards predictable variations of the old one.

If you need to, use a password manager so that everyone with server access has a strong, unique password for each system. And put that policy in writing to make sure everyone understands that passwords matter.
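As an added example, not from the original post, the shell script below audits /etc/shadow-style data collected from several hosts for the conditions discussed above: accounts with an empty password field, hashes made with a legacy algorithm, and identical hash strings on more than one account or host, which is what a cloned image with a shared password looks like. It also shows per-host password generation, the Linux equivalent of what Microsoft's LAPS does on Windows. The host names, user names and hash strings in the sample are constructed.

```bash
#!/usr/bin/env bash
# Added example, not the original post's code.
# Input is one line per account, "host:user:hashfield", i.e. fields 1-2 of each
# host's /etc/shadow prefixed with the host name. Collect it with something like
#   ssh HOST "sudo awk -F: -v h=\$(hostname) '{print h\":\"\$1\":\"\$2}' /etc/shadow"

# audit_shadow: stdin = collected lines; prints one finding per line, sorted:
#   EMPTY host user       no password at all (login without one if PAM allows)
#   WEAK_HASH host user   DES, MD5 ($1$) or other legacy hash
#   SHARED host:user ...  identical salt+hash on several accounts = same
#                         password, typically from a cloned image
# Caveat: the same password behind *different* salts is invisible here; only
# cracking the hashes (john, hashcat) finds those.
audit_shadow() {
    awk -F: '
    $3 == ""        { print "EMPTY", $1, $2; next }
    $3 ~ /^[!*]/    { next }                       # locked / no password login
    $3 !~ /^\$(6|5|7|y|2[aby])\$/ { print "WEAK_HASH", $1, $2 }
    { seen[$3] = seen[$3] " " $1 ":" $2; count[$3]++ }
    END { for (h in count) if (count[h] > 1) print "SHARED" seen[h] }
    ' | sort
}

# random_password LEN: a unique per-host password from the kernel CSPRNG, to be
# stored in the password manager rather than reused across machines. Reads a
# generous slice of /dev/urandom so the alphanumeric filter always leaves enough.
random_password() {
    len=${1:-24}
    head -c $((len * 16)) /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | cut -c1-"$len"
}

# Constructed sample: web01 and db01 were built from one image and kept the
# same root hash; deploy on web01 has no password; backup on db01 has an MD5 hash.
SAMPLE_SHADOW='web01:root:$6$clonedsalt$cloned0hash0value
web01:deploy:
web01:www-data:*
db01:root:$6$clonedsalt$cloned0hash0value
db01:backup:$1$legacy$md5hashvalue
db01:app:$y$j9T$freshsalt$unique0hash0value'

printf '%s\n' "$SAMPLE_SHADOW" | audit_shadow
```

A SHARED finding for root across hosts is the Linux form of the Windows blunder described above; the remedy is `chpasswd` with a fresh `random_password` per host, recorded in the team password manager, or better still no root password at all and sudo via per-person keys.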



Permissions Are a Mess

On any network with more than a handful of users, permissions become a vital consideration. Yet it's all too common to find networks that take the easy route and grant extensive access privileges to every user.

That saves time on access governance but opens the servers to all sorts of intrusions (not to mention giving employees access to data they shouldn't have, and making every compromised account as dangerous as an administrator's).

The alternative is time-consuming, at least in the early stages. A secure server is governed by a hierarchy of privileges, with very few people having total access to the data it contains.

If you haven't already done so, bring the key stakeholders together to decide which assets should be available to general staff, which are required by Human Resources, Marketing, IT and so on, all the way up to the management tier. Grant access by group rather than by individual, so that joiners, leavers and role changes are a matter of group membership rather than per-file edits.

Organize files clearly, so that it is obvious when someone is reaching into data they aren't authorized to see. And, most importantly, spend time policing permissions: double-check that every user is configured correctly, and review it again periodically, because permissions only ever accumulate.
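The two shell functions below are an added example, not the original post's code. One reports every file or directory under a tree that is accessible to "other" (or is a setuid/setgid program), which is how you find the "everyone can read it" mess; the other applies the department-folder pattern described above, removing world access and making directories setgid so that files created inside inherit the department group. Group names are not assigned here (that needs root and your own group list), and the sample tree is constructed.

```bash
#!/usr/bin/env bash
# Added example, not the original post's code. Assumes GNU find and chmod.

# audit_tree DIR: "mode path" for everything under DIR that grants any access
# to "other", plus setuid/setgid regular files; empty output means clean.
# -perm /007 matches any of the three "other" bits, -perm /6000 setuid or setgid.
audit_tree() {
    find "$1" \( -perm /007 -o \( -type f -a -perm /6000 \) \) -printf '%m %p\n' | sort
}

# harden_tree DIR: department-share layout. Strip "other" access everywhere and
# make directories setgid so new files inherit the directory's group rather
# than the creator's primary group. Assign the group afterwards with
#   chgrp -R GROUP DIR   (as root) once the department groups exist.
harden_tree() {
    chmod -R o-rwx "$1"
    find "$1" -type d -exec chmod g+s {} +
}

# Constructed demonstration on a scratch tree: an HR folder whose payroll file
# is world-readable, and a public folder that is world-searchable.
demo_tree=$(mktemp -d)
mkdir -p "$demo_tree/hr" "$demo_tree/public"
chmod 750 "$demo_tree/hr"; chmod 755 "$demo_tree/public"
printf 'salary data\n' > "$demo_tree/hr/payroll.csv"; chmod 644 "$demo_tree/hr/payroll.csv"
echo "before:"; audit_tree "$demo_tree"
harden_tree "$demo_tree"
echo "after:";  audit_tree "$demo_tree"      # prints nothing
rm -rf "$demo_tree"
```

Run `audit_tree` over /srv, /home and wherever shared data lives, and treat any output as a finding to explain, not a list to silence: a world-readable file in a department share usually means someone copied it in from their own home directory with the default umask.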


Your Antivirus Protection Simply Isn’t Doing the Job

Servers are just as vulnerable to malware as any other device, perhaps more so given the attack surface they present and the value of what they hold.

So if you're going to focus your anti-malware effort on one place, it should be your servers. Unfortunately, that focus is absent from many companies, leaving their servers open to data thieves.

Malware risk can be reduced even if it can't be eliminated. Choose a good vendor, preferably one that invests in global threat research and ships frequent signature and engine updates, and make sure the product is designed for servers (file-share and mail-gateway scanning) rather than a desktop product installed out of habit.

Some vendors bundle VPN access with endpoint protection in a security suite. These come at a cost, but can be tailored to specific needs and do provide a solid baseline.

Whatever you choose, keep the scanner's engine and signatures current, and get on top of the human side of malware protection. Have policies in place that deter employees from clicking on suspect links and attachments.

Ensure that people working from untrusted wifi use the VPN, and authenticate inbound mail with SPF, DKIM and DMARC: publishing a DMARC record with an enforcing policy stops attackers from spoofing your own domain, and checking DMARC on the receiving side screens incoming mail before it reaches users.
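As an added example (not the original post's code), here is a shell check for the DMARC side of that advice: it parses a domain's `_dmarc` TXT record and rates it, since a record that exists but says `p=none` merely reports spoofing without stopping it. The record strings used as samples are constructed; the live lookup uses `dig` only if it is installed.

```bash
#!/usr/bin/env bash
# Added example, not the original post's code.

# dmarc_assess RECORD: parse a DMARC TXT record (tag=value pairs separated by
# ';', per RFC 7489) and print one line: "OK ...", "WEAK ..." or "INVALID ...".
# Exit status 0 = enforcing, 1 = weak, 2 = not a usable DMARC record.
dmarc_assess() {
    printf '%s\n' "$1" | tr ';' '\n' | awk '
    {
        gsub(/^[ \t]+|[ \t]+$/, "")
        if ($0 == "") next
        eq = index($0, "=")
        if (eq == 0) next
        tag[substr($0, 1, eq - 1)] = substr($0, eq + 1)
    }
    END {
        if (tag["v"] != "DMARC1") { print "INVALID missing v=DMARC1"; exit 2 }
        if (!("p" in tag))        { print "INVALID missing p= tag"; exit 2 }
        pct = ("pct" in tag) ? tag["pct"] + 0 : 100   # default per RFC 7489
        if (tag["p"] == "none")   { print "WEAK p=none only monitors; spoofed mail is still delivered"; exit 1 }
        if (pct < 100)            { print "WEAK pct=" pct " leaves " (100 - pct) "% of failing mail unenforced"; exit 1 }
        if (!("rua" in tag))      { print "WEAK no rua= address, so failures are never reported to you"; exit 1 }
        print "OK p=" tag["p"] " enforced at pct=" pct
    }'
}

# dmarc_lookup DOMAIN: fetch and join the _dmarc TXT record (needs dig).
# Usage: dmarc_assess "$(dmarc_lookup example.com)"
dmarc_lookup() {
    command -v dig >/dev/null 2>&1 || { echo "dig not installed" >&2; return 2; }
    dig +short TXT "_dmarc.$1" | tr -d '"' | tr -d '\n'
    echo
}

# Constructed sample records: a monitoring-only deployment that was never
# finished, and a completed one. (|| : keeps the non-zero ratings from
# aborting a script run with set -e.)
dmarc_assess 'v=DMARC1; p=none; rua=mailto:dmarc@example.com' || :
dmarc_assess 'v=DMARC1; p=reject; rua=mailto:dmarc@example.com; adkim=s; aspf=s' || :
```

The usual path is to publish `p=none` with an `rua=` address first, read the aggregate reports until every legitimate sender is covered by SPF or DKIM, then move to `p=quarantine` and finally `p=reject`. Many domains stall at the first step, which is what the WEAK rating is there to catch.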


Create Overall Security Plans to Ensure Server Integrity

As we’ve seen, there are plenty of potential reasons why your servers might be at risk.

From poor virus protection and server patching to weak passwords, improperly configured permissions, and the lack of VPN coverage, warning signs are everywhere. And most of the time, they can be remedied easily.

So take the time to do so. And in the process, formulate wide-ranging server security plans to ensure that any changes bed in properly.

After all, a culture of digital security is the best protection against cyber-threats, not a few one-off actions that can be easily forgotten.


Mokhtar Ebrahim
I have been working as a Linux system administrator since 2010. I am responsible for maintaining, securing, and troubleshooting Linux servers for multiple clients around the world. I love writing shell and Python scripts to automate my work.
