When you sign-up for NetSafe Server, your initial implementation is a critical first step to harden your server.
During the implementation project, Net Friends will conduct a comprehensive review of your server, ensure the server’s configuration is aligned with best practices, and provide you with a detailed report documenting any changes made.
Server Security Baseline Assessment
Net Friends conducts a thorough evaluation of server security, assessing it against the National Institute of Standards and Technology (NIST) framework. Our IT specialists will employ a comprehensive and specific set of configurations, known as the 'baseline' settings, to ensure each server is secure and safeguarded.
Defining Server Baseline: This term refers to a collection of configurations and settings designed to secure your server and enhance its performance. These settings are grounded in widely acknowledged best practices, including those from frameworks like NIST.
The initial evaluation helps to identify any weaknesses that need to be addressed. During the baseline assessment we will be evaluating:
- Backups: Your backups will be examined to ensure that they are working properly to protect your data. This is important in case of a breach. We must ensure your backups are available so your server can be quickly restored to its previous state.
- Onsite Physical Security: The environment around your server might have various hazards that increase your server's vulnerabilities and susceptibility to failure. This involves checking the physical security of the server, such as making sure that it is in a secure location and all the hardware and cords are properly labeled.
- Hardware: We want to ensure that your server is in good working order. During your hardware assessment we will be checking the warranty, server function, and fans, power supply, and hard drives.
- Software: Unpatched vulnerabilities in your operating systems and other software can provide entry points for malware, data breaches, and unauthorized access. We will review the update status of BIOS, firmware, drivers, OS, etc., and make note of what software is on the server. If any updates or patches are needed, they will be implemented as part of this process.
- Document Client Specific Critical Services: Your operational needs may require monitoring of essential software or processes to adhere to regulatory mandates. An example of this is specific compliance related documentation or monitoring. During your onboarding we will work with you to identify and document any business-critical requirements.
- Deploy and Document Tools: We will install and configure the necessary tools on the server to allow ongoing monitoring and updating.
- Reporting: We will work with you to determine what reports you need to support any insurance or compliance requirements. Then we will create monthly reports that meet those requirements.
The implementation project takes four to six weeks and will end with the presentation of a comprehensive report detailing the changes made to fortify your servers, accompanied by a certificate affirming their security.
Following the completion of implementation project, Net Friends will shift focus to the ongoing maintenance of your servers' robust security posture. This involves vigilant monitoring of any modifications, ensuring the servers are consistently updated with the latest patches, and conducting regular security scans to proactively identify and address any emerging vulnerabilities.
