As a network security provider, one of the biggest challenges for many of our clients before they come to us is taking steps to prevent server hacking. For many small businesses, the servers that you’re using to run your website, manage your emails and host your other business applications are a huge source of vulnerability, but many business owners don’t know how best to protect the sensitive data that sits on those servers.
Here are some steps you can take to keep your data safe and prevent server hacking.
Step One – Understand Where Your Data “Lives”
As more businesses turn to cloud-based applications to manage their data, the amount of data that is being managed in house is reduced. But, it’s important to understand what data is residing on which servers, and to understand how the security of those servers is being managed.
If your servers are cloud based, your cloud services provider will handle many of the technical details that will prevent server hacking. However, this does not resolve your business from all responsibility; even cloud-based servers can be vulnerable to hacks when good internet security protocols are not followed. To ensure that all your data is safe no matter where it resides, you must understand what data resides on which server, and have a plan of action to prevent hacking in every location.
Step Two: Manage Your Environment
You might find after reviewing all the systems that are being used in your business that you have quite a few different servers and locations where your data is being managed. In addition to the “approved” ones that are critical to your business, you may find that some of them are “rogue” applications that individuals in the business are using without management oversight. Others may contain old or outdated information. Still others might not have had upgrades or security patches applied in a long time, if ever.
It’s important to address these issues to prevent server hacking. Begin by removing outdated applications that people aren’t using from your server, and keep the number of applications to a minimum. As for rogue applications, apply a process to ensure that these accounts come under some form of oversight, that there is a strong business reason for using them, and that security protocols are being followed. For all systems running on your server, make a point of running security patches and upgrades as soon as possible after they are released to ensure that your data has the most up-to-date protection available.
Step Three – Improve Your Password Protocols
Whether your servers reside in-house or on the cloud, one of the most important steps you can take to prevent server hacking is to use good password protocols. This human factor is actually one of the biggest areas of vulnerability for most businesses. Improving your password protocols means:
- Never share usernames and passwords via email or instant message.
- Don’t use easily guessed passwords.
- Change all default passwords.
- Don’t use passwords based on personal information.
- Don’t reuse passwords.
- Change passwords frequently.
If you’re like most business people, having to regularly change passwords while using different ones for every account gets to be a pretty big job. One tip to manage this job is using LastPass, a password manager that manages all your passwords in one place, using randomized passwords that are changed on a regular basis. You simply have to remember your LastPass password, and it remembers the rest.
This list of tips to prevent server hacking is far from exhaustive. However, addressing these common areas of weakness will go a long way to prevent your business from experiencing a costly server hack.