Control how to access to your servers

Avoid direct remote connections to servers

Remote connections to servers are used for technical interventions on remote machines. They allow off-site teams to perform interventions, but also allow on-site teams to carry out their duties without requiring physical access to secured IT rooms.
 

Remote connections pose an authentication problem and to set up your own company hygiene, you can use these questions as a starting point : 

  • How do you ensure that the technician is the person they claim to be?
  • Is their work station sufficiently secure?
     

It is also an additional open door for external attacks. Use a VPN and a password and check the access logs.

Shut down unused services and ports

Unused open ports and/or unused services are favourite entry points for malicious code. Closing them is a simple and effective measure that does not harm the functionalities of the machines.
 
Unused ports and services can be scanned quickly and easily using free tools that yield a list of potential loopholes which are easy to exploit.