Internal Network, Website and Web Server security checklist



1. Anti-virus software and intrusion detection systems should be incorporated within your infrastructure.

2. Border routers should be configured to only route traffic to and from your company's public IP addresses; in addition, firewalls should be deployed which restrict traffic only to and from the minimum set of necessary services. Furthermore, intrusion detection and prevention systems should be configured to monitor for suspicious activity crossing your network periphery.

3. A two-factor authentication method, which requires two types of evidence that you are who you claim to be, is safer than static passwords alone. Strong passwords are random, complex (including letters, numbers, and special characters), long (at least 10 characters), changed regularly (at least every 90 days), and closely guarded.

4. Use the safe browsing features included with modern, up-to-date web browsers, and deploy a web proxy server to ensure that malicious or unauthorized sites cannot be accessed from your internal network.

5. If your organization does require remote access to the internal network, ensure that you use a secure Virtual Private Network (VPN) connection, again with a two-factor authentication method.

6. Identify which types of personnel require access to administer and maintain systems and to perform regular activities.

7. Security management practices include a system-wide information security policy, server configuration and change control management, risk assessment and management, standard software configurations, security awareness and training, and certification and accreditation.

8. Ensure that all security and upgrade patches are applied on a regular basis, default passwords are changed, unnecessary services or applications are removed or disabled, operating system user authentication is configured correctly, resource controls are configured, and security testing of the operating system is performed regularly.

9. Carefully examine what information should be published for public access, and which information and resources need to have limited or restricted access. Examples of the types of data that should be protected include classified and proprietary business information, medical records, and detailed physical and security information.

10. Ensure that information cannot be modified without authorization. This includes:
o Limit uploads to a directory that is not readable by the web server
o Define a single directory for external scripts or programs executed as part of web content
o Disable the use of hard or symbolic links
o Define a complete web content access matrix identifying which folders and files in the web server document directory are limited, which are available, and to whom
o Disable directory listings
o Employ intrusion detection and prevention systems and file integrity checkers to spot intrusions
o Protect each backend server (e.g., database server or directory server) from command injection attacks
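The last two points of item 10 (file integrity checking, and no hard or symbolic links in the document directory) can be verified mechanically. The script below is an added example written for this checklist, not code from the original post: it records a SHA-256 baseline of every regular file under a web document root, reports files that were modified, added or removed since the baseline, and separately lists any symbolic links found under the root, since the checklist says those should not exist. The document root, file names and contents in `demo()` are constructed in a temporary directory so the script runs offline; in practice you would point it at the real content directory and keep the baseline file somewhere the web server cannot write.

```python
import hashlib
import json
import os
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Stream a file through SHA-256 so large static assets do not have to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(docroot: Path) -> dict:
    """Walk the document root and record a digest for every regular file.

    os.walk does not follow symlinks, but it still lists them, so each entry is
    checked with is_symlink() first: links are reported as a finding in their own
    right rather than hashed as content.
    """
    baseline = {"files": {}, "symlinks": []}
    for dirpath, dirnames, filenames in os.walk(docroot):
        for name in dirnames + filenames:
            entry = Path(dirpath) / name
            rel = entry.relative_to(docroot).as_posix()
            if entry.is_symlink():
                baseline["symlinks"].append(rel)
            elif entry.is_file():
                baseline["files"][rel] = sha256_of(entry)
    return baseline


def save_baseline(baseline: dict, path: Path) -> None:
    """Persist the baseline as JSON; store it outside the document root."""
    path.write_text(json.dumps(baseline, indent=2, sort_keys=True))


def load_baseline(path: Path) -> dict:
    return json.loads(path.read_text())


def check_integrity(docroot: Path, baseline: dict) -> dict:
    """Compare the current state of docroot against a saved baseline."""
    current = build_baseline(docroot)
    old, new = baseline["files"], current["files"]
    return {
        "modified": sorted(r for r in old if r in new and old[r] != new[r]),
        "added": sorted(r for r in new if r not in old),
        "removed": sorted(r for r in old if r not in new),
        "symlinks": sorted(current["symlinks"]),
    }


def demo() -> dict:
    """Constructed scenario: baseline a small site, then change it and re-check.

    Everything here is created in a temporary directory; none of the paths or
    contents come from a real deployment.
    """
    with tempfile.TemporaryDirectory() as tmp:
        docroot = Path(tmp) / "htdocs"
        (docroot / "css").mkdir(parents=True)
        (docroot / "index.html").write_text("<h1>Welcome</h1>\n")
        (docroot / "css" / "site.css").write_text("body { color: #000; }\n")

        baseline_file = Path(tmp) / "baseline.json"  # kept outside htdocs
        save_baseline(build_baseline(docroot), baseline_file)

        # Simulated unauthorized changes: one file edited, one added, one removed,
        # and a symbolic link pointing outside the document root.
        (docroot / "index.html").write_text("<h1>Changed</h1>\n")
        (docroot / "new.html").write_text("<p>unexpected file</p>\n")
        (docroot / "css" / "site.css").unlink()
        outside = Path(tmp) / "outside.txt"
        outside.write_text("not web content\n")
        os.symlink(outside, docroot / "link.txt")  # needs symlink support on the host

        return check_integrity(docroot, load_baseline(baseline_file))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Running the script prints a report with one entry under each of `modified`, `added`, `removed` and `symlinks` for the constructed site. A scheduled run of `check_integrity` against a read-only baseline gives the "file integrity checker" the checklist calls for; a non-empty `symlinks` list is the signal that the link restriction in item 10 is not being enforced.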

#informationSecurity #WebServer
