When setting up your business infrastructure, getting your applications up and running will no doubt be your primary concern.
However, making your applications function correctly without addressing the security needs of your infrastructure could have devastating consequences further down the line.
Did you know that cyber criminal activity is set to be one of the biggest challenges humanity will face in the next two decades (The Cybercrime Report, 2017). It has also been predicted that a victim will fall to a ransomware attack every 14 seconds by 2019 (Cybersecurity Ventures, 2017).
So, to reduce the risk of leaving you open to an attack on your server, we have outlined some examples of best practice that will help to increase the security of your server:
Software updates
More often that not, receiving an alert to update operating systems and computer software always seem to occur at the most inconvenient time. Maybe you’ve got that email to send, that report to complete or that big presentation to prepare for, so delaying to download the updated software seems like the easiest and most simple option.
Keeping your software up to date is the single biggest security precaution you can take for any operating system. They are important because they often include critical patches to security holes. In fact, many of the more harmful malware attacks often take advantage of software vulnerabilities in common applications, including the likes of operating systems and browsers that have not been kept up-to-date.
So how do you ensure your software has the latest updates?
- When a security update is available you should install it as soon as possible.
- For peace of mind, it is advisable to ensure your automatic updates are turned on (believe it or not, hackers do have the ability to turn off anti-virus software).
Enable and use Antivirus software
As a bare minimum, you should always have antivirus software running on your server. Viruses are the single most popular way your server can be compromised so it is important that you have some degree of protection against this. There are many popular commercial variants and you can easily research one that should be suitable for your needs. Newer versions of Windows also have built-in antivirus software.
Also, remember that antivirus software need to be regularly updated to catch the latest variants of viruses so you should either enable automatic-update or manually update at regular intervals.
Use a firewall
A firewall is every bit as critical to security as an antivirus program and leaving a server connected online without a basic firewall can be incredibly risky.
Why do you need to use a firewall?
- Implementing a firewall is one of the quickest and most effective ways to protect your server from attacks by preventing access by unauthorised persons.
- You can block unsuitable content via a firewall. For example, if your server will be used by under-18s (say, in a school) you can restrict access to relevant sites or implement rules that will block certain sites.
A firewall can be set up easily. A hosting provider such as ourselves can offer a firewall solution tailored to your needs.
Strong passwords
Everyone by now should know of the importance of strong passwords! One of the concerns people have when it comes to creating a complex password is the fear of forgetting them, especially with the endless online tools, websites and resources available to us. Multiple accounts are created by individuals and businesses using various websites and online resources, and unfortunately many resort to choosing a weak password for ease and remembrance.
So how do you ensure you chose high quality secure passwords?
- Your passwords need to be at least 8 characters long and they should be complex. This means they should include numbers, symbols and punctuation.
- Avoid the likes of dictionary words and do not repeat sequences of characters e.g. 2222 or abcabc. If possible, use a secure password generator.
- Use a password manager, there are a range of tools available online such as DashLane and LastPass. These services, not only let you store accounts and passwords in one place, but also help you pick high-quality secure passwords.
If you have any concerns over your security policies or would like some advice and guidance on server security please don’t hesitate to contact us. We’d be more more than happy to help!
