Part of the SECURECARE suite of products
“Securecare is a comprehensive suite of premier managed security services which are strategically aligned to meet the security needs of a client’s individual business environment and critical information assets/systems.”
The need for a secure server platform.
Servers are depended upon to deliver data in a secure, reliable fashion. There must be assurance that data integrity, confidentiality and availability are maintained. One of the required steps to attain this assurance is to ensure that the servers are installed and maintained in a manner that prevents unauthorized access, unauthorized use, and disruptions in service.
With all eyes on the Internet, many companies primarily focus on ensuring security through firewalls, DMZ configurations, and on hardening the systems that support their web presence and other Internet-based services. It is sometimes easy to forget that security concerns don't end at the Web gateway. The Internet is not the only front requiring defence; consideration is also needed for the security of internal systems. After all, it is the internal servers that really hold much, if not all, of the intellectual property of a company. With 34 per cent of security incidents being reported as originating from inside a network, it is absolutely imperative that all your servers are secured so that you are protected against security threats whether originating from "outsiders" or "insiders".
Securecare - Server Security Managed Service
To meet such customer needs Brookland Computer Services - has developed, as part of the Securecare programme, the Server Security solution. Designed to compliment our standard Server Health Check programme, this enhanced managed service is a robust practical solution which assures, for our clients, a secure and dependable server platform upon which to build their business.
The Securecare Approach
Server Hardening-securing it down.
Servers typically are installed with a multitude of utilities and applications that can provide potential back-door access to an organisation's systems.
In addition, the operating systems are usually configured in an open state to allow easy connectivity for the end user.
As part of our Server Security service we annually harden the servers to ensure that they are very much "locked down" and as result less susceptible to exploits and common attacks.
All unnecessary network services are disabled and appropriate security features are activated and configured in accordance with clients required needs.
Based on established guidelines from the software vendors and normal industry best practice, we then create a formal operating system policy for each server. The statement clearly defines the configuration established for each of the servers and records set up parameters established for the file system, account and password controls, operating system and application patch management levels.
Patch Management – Keeping it secure
With over 70 new network and operating system vulnerabilities identified each week, it is widely recognised that a server hardened today may be vulnerable to attack tomorrow.
According to recent research undertaken more than 90 percent of all security breaches involve a software vulnerability that could have been avoided if only an existing known interim software update release/patch had been applied.
The problem is that new vulnerabilities emerge so quickly many customers just cannot keep up to speed with the threat. Often they lack the resource to investigate and the methodology for regular deployment.
To ensure the continuing hardened status of servers we take over the patch management responsibilities for our clients. Based on best practices, we ensure that the servers are routinely patched, and security log files reviewed, on a monthly basis or more frequently as demanded by the severity of a threat. On an annual basis we apply proven released service packs and ensure, through a formal audit, that hardening is still fully optimised.
For further details please phone 0208 652 2600