In this blog post we explain the importance of server and environment maintenance from a security point of view. In our industry security has proven to be a key element and, as such, needs continuous attention; a proper level of security cannot be assumed to follow from a one-time action. This statement may seem odd: why is that? How can security be ruined once it has been made great? Software components can contain bugs and security flaws that are already there but have not been discovered yet. Once such a vulnerability has been identified and made public, servers or software components with this vulnerability can be an easy target.
Therefore Nebu decided to perform more frequent server maintenance: it has always been important to keep servers up to date, but we clearly realized that updates have to be frequent enough to increase security and to decrease downtime.
Apart from the server level, in most cases other components have to be checked as well: firewalls, switches, SANs and any other active network devices need to be considered, as they are very important from a security point of view. If you have physical servers, keeping firmware, BIOSes, drivers and controller software up to date is another level of challenge, as these tasks usually require expert-level knowledge and the risk of a potential failure is usually immediately high, with a high business impact.
Would be too simple. To have a system that runs at an optimal level, you have to perform some regular tasks. The following is not a complete list, but it gives some idea of the complexity (even if most of these tasks can be highly automated):
A planned server maintenance can be a good opportunity for checking backups and adjusting server resources, especially if the servers are virtualized and changing the virtual machine configuration is a matter of a few minutes' work. During maintenance there are usually changes that require a reboot of a server, but even when a reboot is not specifically required and has no clear disadvantages, doing one can keep the server fresh.
Each maintenance action has to be followed by a review of the alerting and monitoring system, and the necessary application-level tests have to be executed.
For every organisation it is worth regularly reviewing whether the steps needed to provide the security level relevant to that organisation are being done, and whether those steps can be done within that organisation. Answering this question will lead to a discussion of expertise, resources and where you would like to shift your focus.
A lot happens during a maintenance, and one of the great parts of our hosted system is that these actions are, of course, all done by our experts and the experts of our hosting partner!
Both Nebu and its hosting partner do regular checks with external security experts on how to harden the security of our systems; in most cases this is harder to achieve for an in-house system with only a company's own staff.
If you would like to learn more about security and how to protect your data, download our white paper (you can find the form on the right).
It helps to understand who should comply with regulations, who is the data controller, issues around Cloud Computing and geographical regulations and much more.