Getting your Datacenter Ready for the Holidays
The Christmas holidays are coming up and most people look forward to them as always.
One aspect of the holidays worth remembering, though, is that your servers may be attacked more during the holiday season, since many hackers assume that your usual vigilance in monitoring for brute force and dictionary attacks is lowered.
This year, Christmas Eve is on a Tuesday, and for quite a few people, including system administrators and techs, the time away from work can be up to a couple of weeks. The downside to this well-deserved leave is that it might give an attacker at least two weeks to try to hack your servers without anyone noticing.
Holiday preparedness list
A few things you may want to do before you leave work for Christmas.
Make sure your servers and systems (such as firmware for switches, Wi-Fi and so on) have all necessary security patches installed.
Make sure your antivirus is running and updated.
Firewalls and Wi-Fi entry points
Have a final look at any entry points to your networks, that is, review firewall rules and Wi-Fi access points. Shut down everything that does not need to be running.
Have a look around and check that you do not have any unnecessary test systems running, if for no other reason than to save money on electricity. If your test servers are in a virtual environment, shut them down since they could pose a security risk. Test systems are always test systems.
External access via VPN
Make sure you do not have any rogue VPN certificates out in the wild or any active users who should not have access. Also, consider changing administrative passwords if it has been a while.
Have a look at battery and charging levels for your UPS. Should a power failure occur and these things don’t work, you might be forced to fix a failed hard drive on Christmas Eve and nobody wants that.
Hardware health checks
Check for any hardware errors in your monitoring software (such as the HP Insight interface) to make sure you do not have hard drives that are predicted to fail or any other hardware malfunction going on.
Have a good look at your backups and logs, and double-check that they are running correctly and that data is duplicated automatically. This matters especially for backups that clear log files, such as Exchange and SQL Server backups. You do not want to fill up your system drives if you are not around to take care of it.
Make sure there is an updated plan in place with the correct phone numbers and contact info for the right staff and suppliers in case of an emergency. Have a look at the schedules to see who is on call and make sure the plan is reachable, even if the datacenter is not.
Install software for monitoring and scanning your network and have it alert via email for anything strange, such as a new device on your network, a newly created user somewhere, a mismatch in network configurations and so on. You could have a look at SpiceWorks, which is free and gets the job done, if you do not have anything in place now.
Brute force and dictionary attacks and intrusion detection
Install Syspeace to automatically block, trace and report any brute force attacks against your Windows, Citrix, Exchange OWA, SharePoint, Terminal Servers and so on.
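Why an unattended two weeks matters for detection, as an added example (not Syspeace's code or method): it counts failed logons (Windows Security event ID 4625) per source address over both a short and a long window, so that guesses paced slowly across the holiday are flagged as well as fast bursts. The log line format, thresholds, addresses and account names are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED_LOGON = 4625  # Windows Security log event ID for a failed logon

# Rule name -> (failures needed, look-back window). Thresholds are assumptions.
RULES = {
    "burst": (5, timedelta(minutes=5)),   # fast brute force
    "slow": (10, timedelta(days=14)),     # guesses paced across an unattended holiday
}

def parse(line):
    """Parse one constructed line: '<ISO time> <event id> <source IP> <account>'."""
    ts, event_id, ip, account = line.split()
    return datetime.fromisoformat(ts), int(event_id), ip, account

def detect(lines, rules=RULES):
    """Return {source IP: set of rule names that fired}."""
    windows = defaultdict(deque)          # (rule, ip) -> recent failure timestamps
    alerts = defaultdict(set)
    for ts, event_id, ip, _account in sorted(map(parse, lines)):
        if event_id != FAILED_LOGON:
            continue
        for rule, (limit, span) in rules.items():
            seen = windows[rule, ip]
            seen.append(ts)
            while ts - seen[0] > span:    # drop failures older than the window
                seen.popleft()
            if len(seen) >= limit:
                alerts[ip].add(rule)
    return dict(alerts)

def sample_log():
    """Constructed events using documentation IP ranges, not real traffic."""
    start = datetime(2024, 12, 24, 2, 0)
    lines = []
    for i in range(6):    # six failures in under a minute
        lines.append(f"{(start + timedelta(seconds=10 * i)).isoformat()} 4625 203.0.113.7 administrator")
    for i in range(12):   # one failure every six hours for three days
        lines.append(f"{(start + timedelta(hours=6 * i)).isoformat()} 4625 198.51.100.23 svc_backup")
    # A user mistyping a password twice, then logging on (4624 = successful logon).
    lines += ["2024-12-27T08:00:00 4625 192.0.2.10 anna",
              "2024-12-27T08:00:20 4625 192.0.2.10 anna",
              "2024-12-27T08:00:45 4624 192.0.2.10 anna"]
    return lines

if __name__ == "__main__":
    for ip, fired in sorted(detect(sample_log()).items()):
        print(ip, sorted(fired))
```

With only the short-window rule, the source that tries once every six hours never trips an alert, which is why the long window is sized to the length of the absence.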
I am sure there are even more things that might be worth doing, but this is a start anyway.
We at Syspeace wish you a Happy Holiday!