While not all servers are exposed directly to the internet like a web server, chances are that they are on a network that is connected to the internet. Even then you have some protection from firewalls and routers to stop internet traffic from getting into the server. However what protection is there from your internet facing server servers getting taken over by an outside attacker, and launching attacks on your other servers? What's to stop a disgruntled employee from launching an attack on one of your servers?
The answer is server hardening, the processes of securing your servers to the maximum level possible. We can perform an analysis on your servers to find the common, and not so common weaknesses in it's configuration, and software. Specializing in Microsoft Windows operating systems, we can quickly and accurately find the most common vulnerabilities your Windows system has. We can also secure other operating systems as well such as Linux.
Our analysis will often find the following:
Why harden your servers?
While your internal servers can't be seen by the public, they often do contain information that is given to you by the public, or contains your businesses intellectual property. With laws written in some states you may be obligated to notify your customers if their information is illegally accessed. Either way you should notify your customers when their information could have been potentially stolen. This can cause your clients to lose trust in your company and potentially stop or slow business transactions with you. This is because customers will be less likely to trust you with their personal information, and less likely to do business with you if they believe that their personal information will be at risk.
Your intellectual property is at risk as well, if someone managed to get into your server they could steal designs for a new product, source code, and more. If the attacker is good enough, little to no traces of them entering your systems will exist and they may place a program on your server that will send them the latest on products that you develop. This is most often done by your competitors, or someone who thinks that they can sell the information to your competitors. There are cases for software development companies where the attackers intent is not to sell the information they acquire, but instead to use it at a later date to release an attack on the users of the software.
Securing your servers (or any infrastructure) can provide you with a Return On Investment (ROI). Your customers will return more to you for your services if they can trust you to protect their information. You also don't have to worry about your intellectual property being stolen or misused if your servers are maintained in a secure state. This protects your investments, and allows you to focus on other projects.
Last Updated: 03/10/2008 02:56 AM