Security studies (including GoGrid’s internal research) strongly demonstrate that most systems will be attacked within 5 hours after becoming publicly accessible—in some cases, in less than 2 hours. The sources of the attacks are often unsuspecting users whose systems have been compromised by malware and are in turn being used to attack and infect other systems. The majority of attacks target two common threats:
- A combination of commonly used system accounts (e.g., the Administrator account) with weak, dictionary-based passwords
- Systems that are missing critical or high-security vulnerabilities
This document provides GoGrid’s security recommendations for Cloud Servers running Microsoft Windows. Perform these 5 steps in sequential order immediately after provisioning new GoGrid Cloud Servers to maintain the integrity and security of your system.
Note: For a step-by-step how-to with screenshots, please see the companion article, “How To Tighten Up Windows Security.”