Dedicated Server Security Checklist

Dedicated hosting offers great features and great service, and as revealed by the Cyber Attack Trends: 2019 Mid-Year Report, no environment is immune to cyber attacks and that includes dedicated servers. It is therefore critical to protect your website, company reputation and your business overall, by putting robust security measures in place, that do not have to be costly. Here is our 2019 dedicated server security checklist. Use it as a guide to help protect your dedicated server, your business and your customers’sensitive information.

1. Get the right protection

Start by choosing the right security software for your dedicated hosting service. This is a major decision that you do not want to take lightly. Here are some things to bear in mind when making that decision:

  • Select a dedicated hosting server that offers some type of built-in protection. For example, the best plan is one that offers DDOS protection.
  • Examine the security features. You want to carefully look at the features that are included in the plan. However it is also important should know what add-on service your host has available.
  • Do not be afraid to ask any questions and to be very specific about what your security needs are.
  • Discuss these issues at length and then decide to go with the best and most reliable option that provides exactly what you need.

2. Regularly install updates

As basic as this may sound, it is quite easy to skip this basic time step. However, it is never wise. Because no one system is perfect, developers use updates to fix problems that they identify with their software, etc. This makes outdated software one of the most exploited areas of website vulnerabilities. 

It is therefore important that you install updates on a regular basis, to ensure that your servers are not left vulnerable and disposed to hackers and cybercriminals, who are always on the lookout for any vulnerability to exploit. 

If keeping up with install updates is proving too difficult a task for you, a managed server from your hosting provider is an option to consider. 

3. Install only software you need 

Not only do you need to install updates regularly you also have to ensure that you only install software that you absolutely need. If the software is not necessary for the operation of your server and your website, do not install it. Here’s why.

When you install software on your server that you don’t update, use regularly or that are just not necessary, you open the window to hackers to launch an attack on your server.

So you have to be very alert. If you, for example, operate a WordPress site and use several plugins, make sure that the plugins are updated. You should also ensure the plugins and software are from trustworthy sources and again, ensure they are absolutely necessary.

Failure to do these checks and balances could put at risk for a cyber attack.

4. Ensure networks used are trustworthy

This may have been mentioned before, but always, always ensure that you the networks you use to log into your dedicated hosting service is trustworthy. This is a crucial security checkpoint, because if there are weaknesses, even the local network that your computer connects to can be a vulnerable security point.

For example, just about anyone within your organisation can pose a security risk if they use a public network to log in to the server. 

One way to protect against this is to select a single, secured and trusted network for server logins and ensure it is always used. 

You can also decide that only a selective few have access to the server. Make is a requirement that they change their login credentials regularly. This provides an extra layer of security for your server

5. Combat dedicated server security by doing frequent back-ups

Life does not offer guarantees and neither does your server, so at any point something can go wrong and cause you to lose your information. Whether this data loss is caused by a security breach or a technical accident, you want to ensure that you have a full backup of your entire website, company files and any other important information.

Prolonged downtime or being offline for an extended period of time can drastically affect your business and your reputation. However, ensuring you have a proper backup system in place will allow you to restore your website and its content swiftly.

It also gives you the opportunity to reinforce any vulnerable areas that would have identified during the process. Back-up is not only a security measure; it is also a safety net that protects you in times of need, so ensure you make it a priority. 

6. Create an emergency protocol 

Earlier it was mentioned that you need to have a proper backup system in place in case of data loss. To take that one step further, ensure you have an emergency protocol in place, in case there’s a dedicated server security breach or website or major detail loss.

Here are some tips to consider when establishing your emergency protocol: 

  • Designate a point of contact at your company’s data center & be sure to keep their contact details up to date.
  • Select a lead administrator and a backup person just in case the lead isn’t available and ensure a contact person is at your hosting provider ready to provide technical support if needed.
  • Anticipate how a potential attack could impact customers & prepare possible solutions.
  • Create a plan for replacing usernames and passwords in the event that there is a breach that results in data loss.
  • How pre-written statements that you will send out to your customer email list and place on your website immediately after you recognise that a breach has occurred. Let them know what happened and what the next steps are.
  • Don’t deal with everything internally. Establish a relationship with a management company outside of the organisation and reach out to them for assistance if there’s a breach.

7. Secure SSH and remote access

Secure Shell or SSH keys can be used as a great alternative to passwords to secure your SSH access to dedicated server. 
You can also alter your SSH port to bolster the security on your dedicated server.
Additionally, to throw off hackers, you can consider disabling the direct route login or restricting access to IP addresses that may be harmful. 

8. Secure and maintain databases 

Databases that potentially store sensitive customer information are another very vulnerable point of entry that cyber criminals tend to exploit. It is therefore crucial that you secure your databases by doing the following:

  • Use SQL injection resistant
  • Limit the database user privilege
    • Delete unnecessary data
    • Limit areas of interaction between the customers and the database where not required. 

To are also a number of database administrative tools that you can use to help mitigate this issue.