 

Security Basics: 5 Steps to Tighten Security for Microsoft Windows

October 23rd, 2012

Security studies (including GoGrid’s internal research) strongly demonstrate that most systems will be attacked within 5 hours after becoming publicly accessible, and in some cases in less than 2 hours. The sources of the attacks are often unsuspecting users whose systems have been compromised by malware and are in turn being used to attack and infect other systems. The majority of attacks target two common weaknesses:

  1. A combination of commonly used system accounts (e.g., the Administrator account) with weak, dictionary-based passwords
  2. Systems that are missing patches for critical or high-security vulnerabilities

Solution

This document provides GoGrid’s security recommendations for Cloud Servers running Microsoft Windows. Perform these 5 steps in sequential order immediately after provisioning new GoGrid Cloud Servers to maintain the integrity and security of your system.

Note: For a step-by-step how-to with screenshots, please see the companion article, “How To Tighten Up Windows Security.”


Step 1: Patch your system

Attackers will typically scan your system for vulnerabilities within 2 hours of its becoming publicly accessible. Often, the attackers search for unpatched network services that can be exploited remotely. To ensure system security, GoGrid recommends that you:

  • Apply all applicable critical or high-security updates immediately after your first successful login.
  • Disable all unnecessary network services.
  • Review security updates weekly.

Step 2: Rename the administrator account

Attackers will typically perform a dictionary attack against a system within 2 hours of its becoming publicly accessible, often targeting the administrator account. To reduce this threat, GoGrid recommends that you:

  • Rename the administrator account to a non-dictionary name such as “4rfv%TGB”.
  • Don’t allow anonymous enumeration of Security Account Manager (SAM) accounts and shares.

Step 3: Change your Windows default administrator account password

As part of provisioning new Cloud Servers, GoGrid provides its customers with auto-generated strong passwords for the administrator account. The password is temporary and should be changed immediately after patching your system. To ensure your password is strong, GoGrid recommends that you:

  • Create a password that contains at least 12 characters.
  • The password should meet complexity requirements to help reduce the threat of an attacker guessing it. Use a combination of alpha-numeric characters, upper and lowercase letters, and non-alphabetic symbols such as @# % in your password.
  • Don’t share the new password with anyone outside your organization, including GoGrid personnel.

Step 4: Install anti-virus (AV) software

Effective use of AV software can help reduce common malware infections and in some cases, zero-day threats. To reduce such threats, GoGrid recommends that you:

  • Deploy AV software that uses heuristic techniques to identify new malware or variants of existing ones.
  • Consider running your AV software in real-time protection mode (automatic protection) on file extensions commonly used by malware authors such as those ending in .exe, .dll, .sys, .scr, .drv, .ocx, and .pdf or any archived or compressed file extension.
  • Perform full scans at least weekly.
  • Update your AV definitions at least daily.

Step 5: Limit web browsing to only trusted sites

A current security threat report from a leading security firm states that, “85% of malware, including viruses, worms, spyware…comes from infected websites with drive-by downloads marked as the top threat.” To minimize risk, GoGrid recommends that you:

  • Avoid web browsing from any of your cloud systems unless it is an emergency.
  • Employ the highest security browser setting in the event web browsing is required.
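
A read-only check of Steps 1 and 2, added here as an example and not part of the original article or GoGrid's tooling. The function name `Test-BaselineHardening`, the 30-day patch-age default, and the English default account name `Administrator` are assumptions.

```powershell
# Added example: read-only audit of Steps 1 and 2; run from an elevated prompt.
# Test-BaselineHardening and the 30-day default are illustrative assumptions.
function Test-BaselineHardening {
    param([int]$MaxPatchAgeDays = 30)
    $results = @()

    # Step 1: newest update that Get-HotFix reports with an install date.
    # Get-HotFix does not list every update type, so this is a coarse signal.
    $latest = Get-HotFix | Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending | Select-Object -First 1
    $cutoff = (Get-Date).AddDays(-$MaxPatchAgeDays)
    $detail = 'no dated update found'
    if ($latest) {
        $detail = "$($latest.HotFixID) installed $($latest.InstalledOn.ToString('yyyy-MM-dd'))"
    }
    $results += [pscustomobject]@{
        Check  = "Update installed in last $MaxPatchAgeDays days"
        Pass   = [bool]($latest -and $latest.InstalledOn -gt $cutoff)
        Detail = $detail
    }

    # Step 2a: the built-in administrator keeps RID 500 whatever it is called.
    # Assumes an English install, where the default name is 'Administrator'.
    $admin = Get-CimInstance Win32_UserAccount -Filter 'LocalAccount=True' |
        Where-Object { $_.SID -match '^S-1-5-21-.+-500$' }
    $detail = 'RID 500 account not found'
    if ($admin) { $detail = 'RID 500 account found' }
    $results += [pscustomobject]@{
        Check  = 'Built-in administrator renamed'
        Pass   = [bool]($admin -and $admin.Name -ne 'Administrator')
        Detail = $detail
    }

    # Step 2b: LSA values behind the two "Do not allow anonymous enumeration" policies.
    $lsa = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    foreach ($name in 'RestrictAnonymousSAM', 'RestrictAnonymous') {
        $value = $lsa.$name
        $shown = if ($null -eq $value) { 'not set' } else { $value }
        $results += [pscustomobject]@{
            Check  = "$name is 1"
            Pass   = ($value -eq 1)
            Detail = "current value: $shown"
        }
    }
    $results
}

Test-BaselineHardening | Format-Table -AutoSize
```

Renaming the account does not change its well-known RID of 500, which is how the script locates it, so the rename only protects against guessing by name and does not replace the strong password in Step 3.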

As an ongoing effort to make cloud computing safer and better, GoGrid will be providing several primers on security. Next up: “How To Tighten Up Windows Security.”


Mario Duarte

Director of Security at GoGrid
Mario is GoGrid's Director of Security responsible for all security-related activities. He has 14 years of experience as a security professional working in the retail, health care, and financial sectors. He has built and managed security teams, developed and implemented security programs, and managed PCI and HIPAA compliance initiatives for medium and large organizations.
