The basics of server security
Server security is the most critical component of any IT infrastructure, whether you use LA colocation or an in-house server room. Even if you have firewalls, IDS, or IPS systems protecting your servers, if there is a vulnerability, a hacker could get in without triggering any alarms. Server security is easy to implement, and you can break it down into the following components:
Updates
Always keep your servers as up-to-date as possible. Operating systems and software vendors issue patches almost every day. Patching systems regularly, especially when you need to stop services and restart the server can be an issue for systems that run all day. However, you can either use a load balancer or simply plan downtime every week to apply patches.
Event Logs
The event logs on servers have a lot of information about running-systems and any potential issues. Some applications pull and parse logs looking for issues that send out email alerts. Use log analysis software to stay ahead of any potential problems.
Honeypots
A honeypot is a server that is set up to look like a normal server but exists only to attract attacks from potential hackers. When your system detects an intrusion to the honeypot, the next step is blocked all traffic from that IP from your main systems.
Scans
Finally, use an application like Nessus to scan your servers for any known vulnerabilities. These scanners use range of sources for vulnerabilities and will generate a report with the issues and potential remedies.
All of these security measures are taken on top of what your data center provider maintains. For example, Rack Alley facilities are SSAE 16 Type II compliant, PCI DSS compliant and meets HIPAA Physical compliance requirement.