12 Ways To Secure Your Servers
Servers store your most important business data, deliver your e-mail, and run your Web site, but keeping them from harm's way is a full time job. The 12 tips and tricks in this how-to guide will help keep your data secure.
1. Install antiseptically
2. Control access
Administrator login privileges have access and control to your entire system; only a few, ultra-trustworthy individuals should have administrator privileges and only they should know the password.
3. Keep it simple
Though it's possible to combine multiple functions on a Web server (such as database and e-mail server functions), it is not a good idea if that server is exposed to the Internet. A single server running multiple applications is a rich target for hackers and has more potential for software incompatibilities. It's considered best practice to devote one function per server.
Once you've decided to dedicate a server to a single purpose, remove all software and services not directly related to that purpose -- simply disabling unused services through configuration settings may not stop hackers from using them. Among the things that you'll want to consider removing are unused network services, language compliers, and system development tools.
Also very important: make sure there's no instant messaging software on your server as it can be a gateway for intruders. And if your organization has an internal, private Web site on its intranet, it is best not to host that on the same server as the public Web site.