Defending servers – Cyber Security Webinar part 3

Make sure you protect your critical business assets – the servers

Author: Eija Paajanen
Date: 22.09.2015
Read Time: 2 Minutes

Simply put, servers face the same vulnerabilities and threats than workstations – i.e. software vulnerabilities and exploits, software misconfigurations, and credential leakage. However, due to their often critical role in the company IT infrastructure, they might be harder to protect, as the attackers are interactive, and willing to put some effort into breaking into servers.

The UConn’s School of Engineering, for example, found this to be true when apparently Chinese attackers hit the university. The school’s IT employees discovered malicious software on a number of servers that are part of the school’s technical infrastructure. This software potentially compromised data residing on these servers, including sensitive information pertaining to research and individual communications.

Typical cyber-attacks against servers include, for example:

  • code execution attacks, where the attacker is able to feed bad data and take over a service, after which they can write files and run programs
  • SQL and other query injections, where the attacker is able to give commands to the database server e.g. to read all data on the server or modify it
  • cross-site scripting, where the attacker is able to feed the victim a link, which changes the behavior of your web service.

There are many ways to protect servers from cyber-attacks. However, in the end, your best defense is to limit the attacker’s options. You can do this by minimizing the possible entry points into your network, by minimizing the tools available on the server, by making the data difficult to access in various ways, and by making the data useless when extracted from the content.

Learn more about the ways to defend servers from this video:

More cyber security information in the upcoming webinars:

15 October 2015 at 11.00 EET Defending the network
9 November 2015 at 11.00 EET Responding to an incident
3 December 2015 at 11.00 EET Building secure systems

In case you missed the earlier webinars, check out the recordings here:

Download the “Defending servers” presentation slides or learn more at our SlideShare page.

One thought on “Defending servers – Cyber Security Webinar part 3

  1. Thanks for recording and posting the videos. These are tons of great information to help businesses (and everyone else) stay informed and learn about cybersecurity. Looking forward to learning more with you!


Post Comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s