7 Security Measures To Protect Your Servers
Are your servers safe? Data is one of the most vital and valuable assets your business holds. Personal information, business strategy, and financial information are just a small amount of data that can be stored on your servers. As you can imagine, a potential breach in the security of this information is an extremely serious scenario.
Understand your threat space
Before diving in, you have to understand what you are protecting. Several companies jump into taking protective measures without any understanding, and this can often lead to poor investments. This is money wasted that could have been used to improve your business. So, the first thing to consider is: what are you trying to prevent? There are three types of attacks your servers could come under:
● Determined attacks
● Crimes of opportunity
● Crimes of convenience
While crimes of opportunity are things like your common theft, they can also include attacks like spear-phishing & ransomware. A lot of people think this kind of stuff is digital security only, but it’s not. One of the typical ways that people are bypassing all the digital security measures that we take, from a cybersecurity perspective, is interacting with the physical space.
An example of this is people researching who works at a location, going to the parking lot, and dropping a USB stick with their name on it, hoping that the target will be nosey enough to pick it up and use the USB drive. From there, the system is hijacked. Crooks aren’t necessarily wielding crowbars these days, they could be wielding USB keys.
Keep a physical presence around your data center 24/7
Inside the data center grounds, address crimes of opportunity with tall fencing, manned presence, and various keyed entry points. Have an employee on the ground looking for things that are not normal, investigating any potential issues, keeping areas clean, and doing checks and sweeps.
Simple signage and visible deterrents
This is the most effective way to prevent crimes of opportunity: video surveillance and signs that state you have a camera presence. For example, having a fence and a well-lit area, or if you are in a server closet or data hall, making sure that there’s proper lighting. Most people are honest, but if an opportunity exists, some people will take advantage. By placing cameras and signaling that cameras are there, you help to reduce what they perceive as opportunities.
Physical additions to the storage unit
Placing physical barriers on the point of access to your servers can go a long way for your security. These include automatic re-closers on the door, biometric two-point authentication, and enclosed racks. Enclosed racks help keep your servers protected and organized. The Rack Model 151, as seen in this picture, is a product of RackSolutions that ships fully assembled and ready to roll into place and start using immediately. Security has been addressed as well, with locking front and back doors and locking side panels. If needed, you can upgrade latches for even more security. RackSolutions not only offers various types of lockable enclosed racks, but also different types of locking equipment, including lockable rackmount drawers, to provide further physical security for your equipment.
Create an air gap between primary and backup data
This ensures the servers are physically not accessible on the same network. Basically, your primary and backup data cannot be on the same site, and the cloud is not always the solution. When considering the impact of downtime or data loss on your business, the cloud brings with it a set of challenges and retrieving your data from it. Not to mention, it can also cost a lot of money to do this. Consider how fast you can be back online and if you need to recover immediately or a longer period. Our suggestion is to have a local copy stored in a disaster recovery center, with an air gap between your primary and secondary storage.
A call-in, check-in system
Have an employee open the door for guests, even to their own systems. This secondary level of audit control is going to make sure you know exactly who is going in and out.
Put response procedures in place
While there are many other security measures that can be taken, if there’s a determined attack, you really have to consider what your response to that will be. If something bad happens, what systems do you have in place? How fast can you respond and what does your response look like? To answer these questions, it requires monitoring of your space, understanding when an anomaly occurs, and reacting to them.