All about security – 10 security rules for Windows Server
Security is one of the most important challenges when it comes to data hosting. IT administrators, who manage server infrastructure, whether in-house or with a service provider, need to continue to develop and be familiar with current security mechanisms. Together with our partner Microsoft, we have put together the ten most important security rules for Microsoft Server, which provide IT administrators and developers with practical tips and tricks to secure their servers.
Rule 1: Increase Authentication Security
While authentication is an essential and critical point in the protection of IT systems, it often has less priority. Therefore, the first part of our security series focuses on password security and setting up a temporary log-lock.
Rule 2: Protect your data through encryption
Protect the data on your server through encryption and read our second security rule. We explain different data types and explain step-by-step how to optimally encrypt each data type.
Rule 3: Patch Management is mandatory!
Need help with patch management? We show you how to become a patch professional using ten best practice examples.
Rule 4: Attack Surface Reduction (ASR)
Rule 5: Use Exploit Mitigation Technologies
Want to prevent exploit attacks on your system? Use “Exploit Mitigation” technologies. With best practices and detailed tutorials, we show you how to use Data Execution Prevention (DEP) and Address Space Layout Randomization (ALSR) to your advantage.
Rule 6: Install Anti-Virus/Anti-Malware Software
Is your server protected with Anti-Virus/Anti-Malware software? Updating programs is recommended – we explain what is necessary.
Rule 7: Apply the Principle of Least Privilege
Do you know the principle of minimum rights allocation? We show you how to secure your server by means of a graduated rights system and a clever allocation of rights.
Rule 8: Harden your application
Make your applications even safer by testing them for security risks. We explain what you can do to keep potential risks as low as possible in this article.
Rule 9: Detection and Notifications
Prevention is better than treatment – according to this motto you should ensure that security risks for your system are already recognized before it’s too late. Our ninth security rule shows you how to always be on the safe side.
Rule 10: Use Common Sense – Security Awareness
Technology isn’t the only means of securing your system: one of your greatest assets is educating your employees. We will explain in the last part of our series.
For more information, please visit our 1&1 Cloud Community – our server experts are happy to answer any questions about security rules or other complex topics.