Well most of us in today’s scenario talk about “defense in depth” or “layered security”. Though they are used interchangeably, they are very separate from each other.
Nowadays, building just one level of security to safeguard your server could have devastating consequences down the line. While attackers may easily penetrate the first level of defense, layered security uses security at different levels so that it becomes extremely tough to break the defense mechanism of the server. Any single defense may be flawed and we can identify the flaws only by allowing an attack which we do not want to. So this is where layered security becomes a lot more useful to safeguard the server.
How to use layered security?
One huge advantage of layered security is that it can be applied at any level of security process. Today’s web server environment encourages blended attacks & so using layered security stops or at least limits the damage from security breaches. Only properly coordinated security that works across different protocols can stop any security breach to the server.
Each layer in the multi-layered security focuses on a specific area where the attack can happen. You can use these to protect your server from malware attacks – Web Protection, Email Security & archiving, Antivirus software, Data Encryption, Firewalls, Digital Certificates, Anti Spam & Spam filters & Privacy Controls.
Let us now look at some of them in detail.
Network Firewall:
The first point of defense against the intruders is always the firewall. A firewall working on the layer of application understands application-level protocols to find the sophistication of the intrusion.
Constantly monitoring & updating the system software:
Keeping your software package up-to-date is an important mechanism of defense against unwanted security breaches. If the software isn’t being updated, the vulnerability gradually increases and become more prone to attack. New security patches are often being installed continuously and updating often gives the attacker more time to identify the new security flaws and reverse engineer accordingly.
In critical projects, auto updating is not a very good option since it makes the server more prone to attacks. The processes has to be set in such a way that the new updates has to be tested time to time & only then updated.
Spam Filtering:
Spam filters are used to detect and intercept unwanted bulk mails – or commonly referred to as “Spam” – before it goes into the email box of the recipient. Spam filters recognize spammer IP addresses in the mails that come. In order to penetrate, the spam distributors use innovative ideologies to break the spam filter. So, a lot of research is being continuously done by developers of spam filters to keep the bulk emails at bay. The spam filter that you use should also be flexible thereby training it to detect mails that fit user’s preference.
Virtual Private Network:
If you’re seeking access from unsecured locations such as public hotspots, then the vulnerability again increases. This is where Virtual Private Network will come in handy. VPN protects the confidentiality of their network access. However for small businesses, it is costly to deploy & support due to overheads of bandwidth, processing & application.
Malware Detection:
Malware detection is used to secure the apps that run on the server. A strong malware scanner is needed to monitor the potential threats to the server. An effective anti-virus will promptly remove it, or prevent a threat from even initiating to begin with once a malware is identified.
Maintaining the account security:
Using a long password is the key. We always tend to set passwords that are short, so that we can remember them easily. Using long passwords keep your server more secure. Often keep changing your passwords. A certain combination of a password will always be tried by the attacker & you can prevent this by setting up new passwords every time (Caution: Do not use old passwords). You can even set up a two step authentication for the most crucial accounts.
Intrusion Detection System:
IDS (Intrusion Detection System) involves in detection of port scans originating from within the network and also keeps track of additional or excessive attempts to log into a server. IDS monitoring of traffic in the network may be done by port mirroring, or through the support of passive network taps. Generally, it is a traffic monitoring strategy to prevent and avoid suspicious activities.
Our experience and expertise in Linux / Windows server management keeps your IT infrastructure intact 24×7 and enables robust web presence for your enterprise, thus helping you save time, space and ultimately money.
To avail our server management services, please check: http://www.actsupport.com/server-management