Coursework on Countermeasures to mitigate exploitation of UNIX and Windows servers:
Every organization that uses the internet needs to protect its systems so that its files are not destroyed by software designed by hackers. The firm needs an elaborate security system to ensure that its files are viewed only by authorized personnel. The files need to be safely protected, and measures to back up the information valuable to the company should be put in place. Loss of system files may make the system unstable and interfere with the normal working process of the business. A Fortune 500 company undertakes many transactions on an annual basis and deals with a lot of money. The company also has many rivals in the market. Therefore, to protect the interests of the business, the company needs to buy a specialized security system to protect its files (Chirillo, 2002).
For a security firm employed to handle the countermeasures needed to mitigate exploitation of UNIX and Windows servers, one of the countermeasures would be the application of patches and updates. These changes need to be evaluated and implemented in a timely manner, weighing the effect of implementation against the effect of maintaining the current settings. Applying updates protects both types of servers from malware that is able to propagate automatically. These security updates need to be applied regularly to protect the company’s information.
The changes selected by the security officer are tested for practicality. The changes to the servers should have defined effects on the company’s system files, and in case of a problem the procedures to deal with it should be known. The updates for these servers should be obtained from a secure source. This ensures that the updates are trusted and that the company can implement them on the servers with ease.
The source of these updates may be internal update servers, which can be monitored to avoid external interference. Using internal servers to create updates for the company’s system ensures that foreign servers have limited access to the company’s files and vital information. Freeware and trial software lack adequate security measures to prevent attack from foreign servers. To protect its information, the company should formulate a rule to remove these programs from computers in the network and to avoid installing them, because they offer avenues that an attacker may use to enter the system.
Depending on the servers used by the company, programs that are not useful should be removed from the network. The company may opt for a strong firewall to keep traffic that lacks adequate authorization from reaching the servers. The firewall ensures that only those with the right security clearance have access to the information in the company’s database. Some servers, like Windows, are capable of transferring and storing user files and data. If such servers are used by the company, it is necessary that the users run detection software to detect malware that may be on the servers. This malware should be removed from the system to prevent it from corrupting the company’s files. Regular scans should be conducted on the system to ensure that there are no traces of unauthorized changes (Gregory, 2010).
The organization should be advised to have a restoration file for all its data. A restoration file contains all the relevant information the administrator would want to restore into the system in the event of a system failure. The security of the company is vital, and the system files need to be protected from unauthorized users. The secrets of the company may fall into a competitor’s hands, making the organization lose its competitive advantage. The company may also lose money through unauthorized access to its resources. The work of the security officer is to see that the right measures are taken to keep the company’s information safe from unauthorized users.