The Challenge – More Security for Servers Against Internal and External Attacks
Our client has a large manufacturing company, at the heart of which over 800 servers run day and night, at full speed. They ensure the smooth flow of production. At the same time, all company data is stored on them. This is why our customer wants to increase the security of the servers from possible sabotage or corporate-espionage attacks.
1. Survey of the Status Quo
For large companies, often the IT infrastructure has grown over the years into a very complex structure. That’s why we firstly determine which user accounts exist, who has what permissions and how various processes are linked together. With our CCAPR software, we check, for instance, all the users, groups, and computers that have administrative rights according to Active Directory, and therefore able to modify data. With this evaluation, significant security risks become evident. For example, still-existing accounts of former employees, easy-to-guess passwords or directories in which sensitive data is accessible and unprotected.
2. Planning of the Necessary Changes
The larger the server environment, the more specific any planned change must be. Simply an unrecognised link can be the cause of a stop in production. In addition, changes need to be prepared, for example, the introduction of safe passwords, employee training or the restructuring of existing directories.
3. Implementation of the Changes
The implementation of security measures takes a relatively long time to complete. This is when installations must be especially well documented, permissions thoroughly checked and so on.
At certain intervals, it should time and again be determined, as to whether any circumstances have changed.
Technology and Programs Used
- SQL Server
- Active Directory
- Evaluation in Excel
- CCAPR (Admin Permission Review)