This afternoon I had a great conversation with a colleague about securing servers. He specifically asked what we need to do to ‘secure’ them.
My first question was “How are they being attacked?”
That led to a good conversation, and a discussion on the philosophy of securing computers and networks. It is very easy to throw security controls at an issue and hope for the best. On the other hand, you can look at the environment, the likely attack vectors and possible vulnerabilities, and deploy the security controls that protect the environment in a more targeted and efficient manner.
So, we decided to look at the services, the servers, the networks, possible attack vectors, and the current logs & indicators on the server to best determine what controls will be needed and what we can effectively deploy.
In a perfect world, with unlimited resources, and zero threats, it would be easy to ‘Secure’ a computer. I am still on the lookout for any of those scenarios!