[The last post in this blog series was on mobility platform security from the users’ perspective. We will now take a deeper look at the same from the network and server perspective.]
In the current IT scenario of distributed systems, the web & app servers act as a communication endpoint for the consumption of data and services. This makes them a preferable target for the cyber attackers. A recent Data Breach Investigations Report by Verizon says that the 95% of confirmed web app breaches were financially motivated. To protect the financial interest of an organization, it’s critical to protect their IT infrastructures, especially the servers that are exposed to the public networks.
The following are the areas to focus on in order to improve the server and network security.
- Security Patches: It’s critical to keep the server’s OS updated with the latest security patches and OS updates. Most of the security patches are written to fix the security vulnerabilities in the system which can be used by the hackers to attack the system.
- Access Keys: As passwords are less secure and easy to break, SSH Keys can be used to remotely access the servers instead of only using passwords to do so. The SSH Keys are the security keys that are provided to those users who possess authorization to access the servers. Whenever someone tries to access the server, it uses these Keys as an authentication mechanism. These keys are complex, tough to break and can be used along with the passwords as well.
- Firewalls: A firewall is a hardware that monitors and controls the traffic in and out of a network based on predefined rules. They act as the first line of defence between the untrusted network, such as the internet and the controlled internal network of the organisation. In the current scenario, it’s critical to install a Next-Generation Firewall (NGFW) which is capable of arresting application layer and malware attacks.
- VPNs: Accessing an organisation’s private data via an unprotected public network is a huge threat and might lead hackers to easily infiltrate the organisation’s network. A Virtual Private Network (VPN) can help solve this problem. They empower users to securely access a private network via a public network by implementing encryption protocols which make the data difficult to read for the infiltrator.
- Indirect Access: Critical application servers and database servers should be isolated from the public network and be restricted from accessing directly. Those systems must be given access only via a secure system with the multifactor authentication process.
About Market Simplified: Market Simplified is a thought leader in handcrafting custom solutions by continuously innovating and simplifying finance. We have maximized the revenues of industry leaders like OptionsXpress (Charles Schwab), Currenex (State Street), MB Trading, Maybank Kim Eng, Kotak Mahindra Bank and National Stock Exchange of India by providing enhanced and sustained user engagement through Experience Engineering.
About The Author: Gokoulane Ravi is a foodie, technology enthusiast, and a developer turned marketer with more than 5 years of experience in the space of mobility. When he is not working, he likes to read, write, run and cycle.