I believe that the most important thing that you can put into your small business computer network to ensure its security is time. Yes, I said time.
Windows Small Business Server 2003 has recommended security measures that should be taken called "Best Practices". Another measure that should be taken is running MSBA (Microsoft Baseline Security Analyzer) and following the suggestions it makes. Most of these must be done only once or infrequently.
Another feature called the "Server Performance Report" tells you what features aren't functioning properly and not working as well as who has had failed attempts at logging into your server.
So what does this have to do with time? This report is emailed to you every morning at 6:00 and I seriously recommend that you read it.It takes time (just a couple of minutes) to read it and see who is having password problems or whose account is being hacked.
Hackers and script kiddies (junior hackers) have enumeration tools that can scan a network to find out what operating systems networked computers are running as well as what accounts are on those computers. Yes, they can tell if you're using Windows XP Pro or XP Home. They can tell if your server is Windows Server 2003 or Windows Small Business Server 2003. They can even tell if you have an account on your server that is still called "administrator" and if the notes designate it as the main admin account.
These tools are dangerous because they can see what accounts are on your server. As a small business, you probably don't have the funds to spend on a large intrusion detection system. You also can't afford to have your server to have your server hijacked and your data stolen.
This is where the time and "Server Performance Report" come into the picture. Take the time to:
Happy computing,
Tim
Windows Small Business Server 2003 has recommended security measures that should be taken called "Best Practices". Another measure that should be taken is running MSBA (Microsoft Baseline Security Analyzer) and following the suggestions it makes. Most of these must be done only once or infrequently.
Another feature called the "Server Performance Report" tells you what features aren't functioning properly and not working as well as who has had failed attempts at logging into your server.
So what does this have to do with time? This report is emailed to you every morning at 6:00 and I seriously recommend that you read it.It takes time (just a couple of minutes) to read it and see who is having password problems or whose account is being hacked.
Hackers and script kiddies (junior hackers) have enumeration tools that can scan a network to find out what operating systems networked computers are running as well as what accounts are on those computers. Yes, they can tell if you're using Windows XP Pro or XP Home. They can tell if your server is Windows Server 2003 or Windows Small Business Server 2003. They can even tell if you have an account on your server that is still called "administrator" and if the notes designate it as the main admin account.
These tools are dangerous because they can see what accounts are on your server. As a small business, you probably don't have the funds to spend on a large intrusion detection system. You also can't afford to have your server to have your server hijacked and your data stolen.
This is where the time and "Server Performance Report" come into the picture. Take the time to:
- Perform the "Best Practices"
- Run MSBA
- Enable password requirements
- Require passwords to be changed on a regular basis
- Enable account lockout policies
- Rename and change the description of the "administrator" account
- Setup (once) and read the "Server Performance Report" (daily)
Happy computing,
Tim
Labels: How To, My Thoughts, Windows Server Tips
DiggIt! Del.icio.us
There are also lists of popular best practices in setting up security for servers. As you say, it does take some time to invest, but taking time to secure a network is time well spent. Microsoft provides some tutorials on security here: www.microsoft.com/hellosecureworld7
Yes, I agree with you completely. Best practices must be followed and I also recommend Microsoft's MBSA (Microsoft Baseline Security Analyzer). There are many paths that must be followed in order to have a secure server.
What I am getting at is that you can follow all of these recommendations but if you don't keep up with what is happening on your system, you can't know how to better protect it.
I say this because I know techs that either don't set up these reports or they don't read them once the do set them up. I can only hope that they at least followed the best practices when setting up the servers.