Servers are powerful computers that provide one or more services (such as email, web or file servers) to users on a particular network. Cyber criminals frequently target servers because of the nature of sensitive data they often hold.
What is server security?
Server security focuses on the protection of data and resources held on the servers. It comprises tools and techniques that help prevent intrusions, hacking and other malicious actions.
Server security measures vary and are typically implemented in layers. They cover:
- the base operating system - focusing on security of critical components and services
- hosted applications - controlling the content and services hosted on the server
- network security - protecting against online exploits, viruses and attacks
Insecure servers are a significant business risk and can cause many network security issues.
How do I secure a server?
Securing large, complex servers can require specialist skills. However, any businesses using a server should be aware of the risks and - at the very least - use basic cyber security measures.
Good management practice can help you improve your business' server and network security. If you are not using a secure data centre to host your servers, you should:
- keep them locked
- monitor and restrict access to them
- monitor server reports, such as security logs
- assess their environment for other risks, eg temperature and fire
- maintain stable power supply
As with regular desktop PCs, servers will need:
- a firewall
- regular backup and updates
- reliable security software
- reliable maintenance and support services
Network firewall security
A firewall is a piece of software or hardware that filters all incoming and outgoing traffic to your business. Firewall devices can:
- block malicious email relaying
- prevent malware being downloaded from untrusted websites
- prevent access to blacklisted websites or unsecure services
Hardware firewall is a part of broadband routers. It protects your entire local network from unauthorised external access and is usually effective even with minimal configuration.
Software firewall is an application installed on individual computers and devices. It is often part of the operating system and usually needs greater configuration of settings and applications controls.
Regardless of what server software and operating system you run, their default configuration may not be fully secure. You should take steps to increase server security - this process is known as server hardening.
Some common server hardening methods include:
- using data encryption for communication
- removing unnecessary software from servers
- regularly updating operating systems, and applying security patches
- using security extensions
- enforcing strong password complexity to protect all user accounts
- account locking after repeated login failures
- using brute force and intrusion detection systems
- backing up data and systems regularly
The National Cyber Security Centre has published guidance which will help you secure your servers.