Every server connected to the public internet is vulnerable to intrusion. It’s important to implement basic security procedures when you first setup a Windows Server to ensure it is secure from attack.
This article will outline some key ways to secure your Windows Server.
Download All Available Updates
Most servers are installed with an image of Windows Server that may not have all of the latest security and performance updates installed As soon as you receive the credentials for your Windows Server, make sure to login and install all available updates.
Set Firewall Rules
Locking down open ports is an easy way to prevent unauthorized access to a server. Consider removing as many firewall rules as possible which will close all of the ports you are not using for your applications.
You’ll want to ensure that common ports like 3389 for remote desktop access and port 80 for web traffic are open as needed so that your applications can continue to run as expected.
Set Strong Password Policies
If many users are connecting to your Windows Server, especially novice users, consider enforcing a strong password policy. We recommend having a minimum password length and complexity as well as a password expiration policy.
You will also want to only provide users with the admin access level required for their access to the server. Having multiple people with admin privileges who don’t need it is a recipe for disaster.
The most common form of server intrusion is through weak passwords, so it’s important that every user has a strong password set with the correct user privileges.
Disable File Sharing
Windows Server file sharing has historically been a point of compromise for many servers due to the ports that must remain open for this purpose. Unless absolutely required, we recommend disabling file sharing.
Backup Your Server
The best way to truly secure a server is understanding that no technology is perfect, and even with the best implemented security policies, things happen. Maintaining routine full server backups gives you the peace of mind knowing that you can easily restore the data when you need it. Equally as important to performing backups is testing to ensure the restoration of backups works perfectly and is a known process. There is nothing worse than realizing the only backup of a server has been corrupt all along.
There are many ways to secure a Windows Server. We’ve outlined some of the most important aspects, but there are so many other things you should consider.