Top Ten Issues to Protect Windows Servers

How do you protect your Windows servers from malware? Whether you're talking about Active Directory domain controllers, Exchange or SQL Server-based systems, file servers or even systems or terminal services that provide VPN access, what you're doing may be some distance from the best protection.

In the past two years, I have only seen Windows servers running various malware protections. But why is malware protection still not taken seriously at the server level? Probably because of the administrator's thought: "It's a server, no one really has to do too much on top of it" or "I can't trust my users in the confrontation with malware, but I am confident that I won't Any error steps on the server can lead to a malware infection." Everyone has their own ideas on this incident.

If you don't want to be attacked, you should protect your Windows server even more advanced. One project I recently worked on did not happen and a company ended thousands of systems, including dozens of Windows servers infected with Advanced Persistent Threat (APT) worldwide. Some servers are protected and some are not. It is these inconsistencies that will be bad for you. Not only that, your business may be subject to some compliance rules such as PCI DSS, HIPAA, and others. Or maybe your legal team has agreed to a contract or service level agreement (SLA) that includes malware protection.

It doesn't matter how you plan or actually use your Windows server, they are all at risk of malware infection. It's important to understand this. This is not just your highly visible production system, but all. And when it comes to implementing information security assessments, I give customers the same advice: everything is fair, why do you only see a small part of the environment? Bad guys and malware don't understand the boundaries, so it's better to protect everything that spans the enterprise, including those that you think are strategically unimportant.

Here are 10 questions you can ask yourself to help better handle Windows Server Protection:

1. What rogue software threats are we prepared to deal with? Have we documented these threats in our incident response plan?

2. What rules, strategies and contracts should we be responsible for?

3. Do we need to perform real-time scanning?

4. Is there any file/folder exclusion that needs to be merged into the anti-virus software configuration to eliminate bottlenecks in other problems?

5. Do we need additional protection at the web browser level to block phishing and browser-related attacks?

6. Does the administrator check the mail on our server? Is there a better way to help minimize these risks?

7. What is the best way to scan the whole system? Need a full system scan?

8. Do we only need to protect the OS volume or our data volume for possible infected files?

9. In addition to the production server, what other physical or virtual Windows servers need to be protected?

10. Does our border or cloud-based anti-virus software provide enough protection to determine that there are no server-level things running?

After answering these questions, you should review a set of basic guidelines for anti-virus software that Microsoft runs on a Windows server. The review is rewarding.

If you really want to delve deeper into these issues, you may find that your server is protected against malware. If you choose to ship anti-virus software on your Winows server, focus on the right target. You don't have to worry about which antivirus vendor is the best (I don't think there is a best solution), just focus on the best way to protect your server from malware. This means you can run the same and different anti-virus software on your Windows desktop.

Only you know what is best. hurry up!