Below given are the security measures which system
administrators and security professionals must take into account
to secure critical information available online, falling into
wrong hands:
- Install latest security patches available till date for the
applications and as well as the operating system running on
the servers.
- Don’t put critical and sensitive information on servers
without any proper authentication system which can be
directly accessible to anyone on internet.
- Disable directory browsing on the webserver. Directory
browsing should be enabled for those web-folders for which
you want to give access to anyone on internet.
- If you find any links to your restricted server or sites in
Google search result then it should be removed. Visit the
following link for more details:
http://www.google.com/remove.html
- Disable anonymous access in the webserver through internet
to restricted systems directory.
- Install filtering tools like URLScan for servers running
IIS as webserver.