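In business, what matters most is being solid. It's like a house: if the foundation isn't solid, it doesn't matter how high you build! Your server is the foundation of your business. If the foundation isn't solid, do you think the hackers won't come? They're watching every day, like paparazzi, and the moment there's a gap they slip right in!
So today I'm going to talk to you about how to protect your servers so they don't get hacked so easily! If you don't know how to do it, or you're worried you're not doing it well enough, then listen up!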
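The first step in server security is, of course: Update! Update! Update!
Software and operating system updates are just like the system updates on your phone: you have to do them! Hackers love to go after old vulnerabilities, so if you don't update, aren't you just opening the door and inviting them in for tea? Software vendors will send you update notifications. Whatever you do, don't be lazy; do it as soon as you see one! Sometimes you need to test compatibility, but the vendor has already tested it before release, so don't worry! Patch management tools and vulnerability scanning tools can help you with this!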
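Leave the computer's work to the computer!
Humans are the most error-prone creatures! A lot of server incidents come down to human error! Your staff are worked like dogs, so it's easy for them to slip up! So whatever can be automated, automate! For example, download and install patches automatically. These days there are even AI products that can help you monitor, protect and upgrade your systems!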
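VPN! VPN! VPN!
A VPN is like a secret tunnel: your data travels through it, so you don't have to worry about anyone snooping on it! Computers in different places can be linked together over a VPN, safe and convenient! For example, you can use a VPN from home to connect back to the company server!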
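Always Zero Trust!
Firewalls and VPNs share one weakness: they have no control over what goes on inside! Once a hacker gets in, they can roam around everywhere! So use Zero Trust! Zero Trust means: no authorization, no touching anything! It's like a safe: no key, no opening it!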
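Encryption matters
Encrypt everything! It's like posting a letter: you have to seal it so nobody can read what's inside! SSL certificates, SSH and FTPS all help you encrypt! Even connections to a remote server should go over a VPN. Bottom line: Encrypt! Encrypt! Encrypt!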
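Don't rely on just a basic firewall!
Firewalls are important, of course, but don't just use an ordinary one! Find a Managed Security Service Provider (MSSP): they'll take care of the firewall, application control and web content filtering for you, and handle the updates too!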
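Change the default settings first!
Many systems ship with a default account called "root" or "admin", and hackers know it at a glance! So you have to change it! Also, don't use the default name for your Wi-Fi access points! Bottom line: don't make things easy to guess! Don't give hackers the chance to brute-force you!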
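Lots of servers? Virtualize!
Separating your servers is like putting your eggs in different baskets: even if one basket drops, they won't all break! Virtualization gives you isolation! On top of that, newer Intel and AMD processors have virtual machine encryption features, which is even more secure!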
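Set complex passwords
Don't be sloppy with passwords! Don't use simple passwords like "password" or "123456"! Mix upper- and lower-case letters, numbers and symbols! And change them regularly!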
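Close the ports you don't need!
Hackers will look for open ports you don't know about and attack them! So use the "netstat" command to see which ports are open, and close the ones you don't need!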
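Backup! Backup! Backup!
Important things get said three times. You must do backups! And offsite backups at that! Worried about ransomware? With offsite backups there's nothing to fear! You can also consider Disaster Recovery as a Service (DRaaS)!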
Internal audits are a must too
Run security audits regularly: look for suspicious activity, check on software, OS and hardware firmware updates, and keep an eye on system performance!
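That's server security in a nutshell! Get these twelve moves right and you can protect your business! Don't be lazy, don't be stingy. Get security right and you can make money with peace of mind! Right?
Want to know more about who we are? Take a look here. Anyway, everyone be careful, and don't let this kind of thing happen again! If you want a professional company to ask about how to prevent it, call us at 21273520 and let the handsome uncles at EGC look after you, our valued customer.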