University of California, Riverside

Security



Server Security


Servers are attractive targets for hackers. This web resource is a guide for system administrators to provide them a starting point when securing their Windows, UNIX and Macintosh servers against possible malicious attacks. No system can be completely safe from attack. There is no guarantee even if all of the recommendations contained in these pages are implemented that any server will be impenetrable. However, if the suggestions outlined are followed, the risk to the server will be reduced. Below are some high-level security tenets which apply to all servers:

  • Servers' operating systems are kept as up-to-date as possible
  • Applications are patched on a regular basis
  • Servers are backed up on a regular basis
  • Servers are located in physically secure areas
  • Servers have host-based firewall and/or are behind a hardware-based firewall
  • Servers are on private networks where possible
  • Protected data MUST be encrypted in transit
  • Protected data should be encrypted at rest as a best practice; if it is not encrypted at rest, other mitigating measures must be adopted to ensure security of the protected data.
  • User accounts have strong passwords
  • Users are given access privileges relative to their business needs
  • Unnecessary services are disabled
  • File system integrity is regularly checked
  • System logs are regularly reviewed

Another piece of the server security puzzle is C&C Firewall Service. Computing and Communications can provide firewall protection for department's servers and workstations. For more information, click on the Firewall Services link on the left.

The below links provide OS security recommendations.

More information regarding specific requirements for Credit Cards and Servers Serving as UCR Storefronts

More Information 

General Campus Information

University of California, Riverside
900 University Ave.
Riverside, CA 92521
Tel: (951) 827-1012

Department Information

Computing & Communications
Computing & Communications Bldg.

Tel: (951) 827-4741
Fax: (951) 827-4541
E-mail: helpdesk@ucr.edu

Footer