In-Security
Monday October 4, 2021
In the ever-changing world of Information Technology, the one thing that seems to remain the same is security. Red teams vs blue teams, white hats and black hats – by now most of us in IT have heard and seen just about everything there is in the realm of computer and network security. So, those of us who eat, sleep, and breathe IT know exactly how important it is to be proactive rather than reactive. Having a trusted Anti-Virus software from a trusted vendor installed on your server is just one of many ways you can help to keep your data secure.
One semi-recent change in the world of security is the rise of crypto-viruses, more commonly known as ransomware. In less than a year’s time, we’ve seen two fairly large organizations affected by ransomware. According to security researchers at PurpleSec, the recent attack on Kaseya came with a seventy-million-dollar ransom note. While ransomware itself is not new, it is growing more and more sophisticated. Worried? You should be, because from May 6th, 2021 to May 12th, 2021 the Colonial Pipeline was shut down due to a ransomware attack. Even the City of Atlanta has fallen victim to ransomware. These attacks have cost companies and taxpayers alike millions to recover from.
So, what can be done to keep your data and personal information safe?
Start with a trusted Anti-Virus solution.
GigeNET would like to officially announce our partnership with ESET, makers of the famed NOD32 Anti-Virus. We offer ESET protection for Windows and for most Linux Distributions starting at $5.00 per month. This is a new option on all new server orders. Please reach out to our sales team if you wish to add it to an existing server.
Of course, good Anti-Virus software is not the only necessity. It is considered not only best practice, but vitally important that the following steps are taken to secure your server or your personal computer:
- Always take backups. If you actually care about your data, you will back it up. Local backups to a backup drive in your system are good, but using a remote backup system is preferred. (GigeNET offers both R1Soft and Veeam as add-on remote backup services).
- Keep your operating system and applications up-to-date with the latest updates and security patches. While the details are not always fully disclosed or announced, most operating system updates fix security-related issues or bugs. Some IT professionals recommend holding off for a while before applying new updates, since updates have occasionally broken a system. However, as long as you follow the first step above and take backups, you have a solid backup to fall back on. The small chance of encountering adverse effects from an update is easier to mitigate than leaving a security vulnerability in place.
- Firewall it. Your server is on 24/7 with one or more public IPs. Leaving these IPs unprotected by a firewall is just asking for trouble. Any firewall available will secure unused ports and allow you to limit how the other ports are accessed. It all comes down to the configuration.
- Don’t slack on user administration. Quickly disable accounts when a user leaves and ensure that no account has more access than is needed. Good user administration can reduce the number of accounts available for a hacker to exploit, prevent bitter ex-employees from doing harm, and mitigate the exposure should an account become compromised.
- Use complex passwords. All your security measures are for naught if you are using passwords that are trivial to crack. A good password is one that cannot be remembered without frequent, repeated use. Store your important passwords in a password manager instead. I personally recommend KeePassX, but there are many others around. The trick is to use a password for your password manager that you can remember, but something still difficult to crack. Remember to use special characters!
- SSH Keys. For your Linux servers, disable password authentication altogether and use SSH Keys to authenticate. If you must use password authentication, it’s recommended that you use a non-root user to log in, then su to root in order to perform actions as the root user.
- Do not open unsolicited email attachments, even from people you know. Before you view what seems like a harmless attachment even from a friend, you should confirm with the sender what it is they’re sending.
Please keep in mind that this list is not the be-all and end-all of security practices, but taking the above steps will definitely help reduce the probability that you’ll lose your data due to outside attackers.
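To make the SSH Keys item above checkable, here is an added example (not GigeNET's or OpenSSH's code) that audits the text of an sshd_config file for password logins and direct root password logins. It assumes upstream OpenSSH defaults, does not follow Include files, and the sample files are constructed.

```python
import re

# Upstream OpenSSH defaults (assumption: distro packages may ship different ones).
DEFAULTS = {"pubkeyauthentication": "yes", "passwordauthentication": "yes",
            "kbdinteractiveauthentication": "yes", "permitrootlogin": "prohibit-password"}
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
PASSWORD_KEYS = ("passwordauthentication", "kbdinteractiveauthentication")

def parse(text):
    """Split sshd_config text into global settings and Match blocks."""
    global_cfg, blocks, target = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)  # "Key value" or "Key=value"
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            target = {}
            blocks.append((value, target))
            continue
        # sshd uses the first value it sees for a keyword; later duplicates are ignored.
        (global_cfg if target is None else target).setdefault(key, value.lower())
    return global_cfg, blocks

def audit(text):
    """Return findings; an empty list means the file follows the SSH advice."""
    cfg, blocks = parse(text)
    eff = {**DEFAULTS, **cfg}
    findings = []
    if eff["pubkeyauthentication"] != "yes":
        findings.append("public key authentication is disabled")
    enabled = [k for k in PASSWORD_KEYS if eff[k] == "yes"]
    findings += [f"{k} is enabled (set or left at default)" for k in enabled]
    if enabled and eff["permitrootlogin"] == "yes":
        findings.append("root can log in directly with a password")
    for cond, block in blocks:
        findings += [f"Match {cond} re-enables {k}" for k in PASSWORD_KEYS
                     if block.get(k) == "yes" and eff[k] != "yes"]
    return findings

# Constructed sample files, not taken from any real server.
WEAK = "PermitRootLogin yes\nPasswordAuthentication yes\n"
HARDENED = """# keys only
PasswordAuthentication no
KbdInteractiveAuthentication no
PermitRootLogin no
PasswordAuthentication yes
"""

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(text) or "ok")
```

On a live server, `sshd -T` prints the effective configuration, including Include files and the defaults your package was built with, and is the authoritative check.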