How to Secure an Intranet Server

Keeping an intranet server secure is good business.

As more companies add intranet servers to their corporate networks, the risks of a security breach increase. There is often a tendency to be lax on security for internal servers, since they are not exposed to the public. However, many such breaches are caused by company employees, and in such cases external security measures are of no effect. It is imperative that businesses that implement intranet servers also implement sound security policies and procedures that govern those servers, so that the business can enjoy the greatest degree of information security possible.

Instructions

1. Put the intranet server behind a locked door. This will help to avoid intentional and inadvertent mishaps. While it may seem to be an obvious step, there are many who do not do this one simple thing to provide physical security for their intranet servers.

2. Apply critical updates and security patches. Providers of server software regularly release fixes for security holes that have been discovered, and these should be applied to the server at the earliest possible opportunity to keep the exposure to known exploits as low as possible.

3. Implement a strong password policy. This should include a required minimum length, required character variety and required password change intervals. Typically a password should be at least eight characters in length, should include numbers and uppercase and lowercase letters, and should be changed at least every 90 days.

4. Turn off unnecessary services. If the server is to be used to serve up HTTP pages, then turn off FTP, SMTP and other protocols that carry security exposures. If the server is a DNS/DHCP server, then turn everything else off. Limit the active services on the intranet server to only those things that it is intended to perform.

5. Perform random security audits. Review the logs to look for intrusion attempts, check for suspicious-looking user identifications and passwords, and check the process list to see if unnecessary services have been turned on. This due diligence is a requirement regardless of the degree of automation you may have implemented in your company.

6. Develop and implement a security policy to govern intranet servers. If you do not have a definitive policy on paper, then there is a default policy in place, which is that the administrator sets his own security standards. In this case, there is no real accountability for the security of the intranet servers.
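
An added example for steps 4 and 5 (not part of the original article): a Python audit that compares a server's listening sockets against what its role is meant to expose. It assumes a Linux host with the `ss` tool; the role allowlist, the `admin_ports` parameter and the sample output are constructed for illustration.

```python
import subprocess

# Assumed role-to-listener allowlist (hypothetical values; adapt to your policy).
ROLE_ALLOWED = {
    "web": {("tcp", 80), ("tcp", 443)},
    "dns-dhcp": {("tcp", 53), ("udp", 53), ("udp", 67)},
}

# Constructed sample of `ss -H -tuln` output (not captured from a real host).
SAMPLE_SS = """\
tcp   LISTEN 0      511          0.0.0.0:80         0.0.0.0:*
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      32                 *:21               *:*
tcp   LISTEN 0      100        127.0.0.1:25         0.0.0.0:*
tcp   LISTEN 0      511             [::]:443           [::]:*
udp   UNCONN 0      0            0.0.0.0:68         0.0.0.0:*
"""

def parse_listeners(ss_output):
    """Yield (proto, address, port) for each socket line of `ss -H -tuln`."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # skip headers and blank or malformed lines
        addr, _, port = fields[4].rpartition(":")
        if port.isdigit():
            yield fields[0], addr, int(port)

def unexpected_listeners(ss_output, role, admin_ports=frozenset()):
    """Return sorted (proto, port, address, scope) for listeners the role does not need."""
    allowed = ROLE_ALLOWED[role] | {("tcp", p) for p in admin_ports}
    findings = set()
    for proto, addr, port in parse_listeners(ss_output):
        if (proto, port) in allowed:
            continue
        # Loopback-only listeners are less exposed, but still a service to review.
        scope = "loopback" if addr.startswith(("127.", "[::1]")) else "network"
        findings.add((proto, port, addr, scope))
    return sorted(findings)

def live_ss_output():
    """Collect the current TCP/UDP listeners from the local host."""
    return subprocess.run(["ss", "-H", "-tuln"], capture_output=True, text=True, check=True).stdout

if __name__ == "__main__":
    # Swap SAMPLE_SS for live_ss_output() to audit the machine this runs on.
    for proto, port, addr, scope in unexpected_listeners(SAMPLE_SS, "web", admin_ports={22}):
        print(f"unexpected listener: {proto}/{port} on {addr} ({scope})")
```

Run it on a schedule and review any finding: each one is either a service to turn off or a gap in the written allowlist.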
