How To Secure Linux, Unix, Windows Servers and IT Systems?
Servers provide different types of infrastructure for implementing IT solutions. Security is another issue that must be addressed in IT. In recent years security has become a necessity. In this tutorial we will look at how to secure our servers.
Operating systems use many internal and external tools and services. External services in particular expose the operating system to remote clients, and to attackers, over the network. Services are software that runs continuously, and they may contain security vulnerabilities. These vulnerabilities can be remediated with patches. Patching should run automatically wherever that is possible.
Another aspect of security is inventory. We should know what we have, along with the related information about each item. Without knowing our inventory, we cannot secure and protect it against attacks.
Because systems provide services over the network, access to those services should be restricted. The simplest way to do this is with a firewall. Firewalls come in different types, from simple port-based access control to ones that analyze files. Select the type of firewall according to your needs.
Accounts & Authentication
Accounts provide authentication and authorization of users. Each user has their own account that identifies them. Permissions for access, read, write, execute, delete, modify and other operations are set according to account and group privileges. Pay close attention when setting up and managing accounts in IT systems.
Security Audit or Review
Every day is different in the IT world. We cannot track all systems in real time, but there should be a set time frame for reviewing IT systems and tracking their security issues. This review gives information about security-related events in the previous period and shows hidden things more clearly.
From my point of view, the first step in securing a system is physical security. Without physical security, all other security protections will be weak. Simply gaining physical access to IT systems defeats the other safeguards. So when configuring security, start with physical security.
Can we prevent all attacks from outside and inside? No; there is no company that can answer yes to this question, not even Microsoft, Google or Facebook. So what security mechanism can be used before or after an attack? We can log system, application, database, service, platform, client, user and other events, and get real-time alerts about attacks. Another use is finding out, after an attack, how it happened.