
díxitos, March 2019

Automatically generated translation.

Best practices manual for systems administration

Despite the efforts of systems administrators, on many occasions sensitive information, systems and networks can be compromised by malicious actions that take place through carelessness.

Below are some simple systems administration tips, intended to make it easier to keep the system reliable with a minimum number of service interruptions for users. This document provides a set of recommendations to help maintain an acceptable level of security in terms of confidentiality, integrity, availability and mutual authentication.

Throughout this document the term "server" is used to mean a combination of hardware, operating system, network service, application software and network connection.

  1. Learn about your system
    • Read the security bulletins that manufacturers make available
    • Subscribe to manufacturers' security bulletins and to other relevant sources of security information
    • Understand the security issues that relate to your configuration and environment
    • Routinely monitor websites for information relevant to your systems and for security updates
  2. Define the critical systems
     A critical system is a machine which, if compromised, could cause significant damage to the local network or beyond: damage to reputation, interruption of critical tasks, disclosure of confidential information or non-compliance with the law in force. An example is a server that contains confidential data, medical records, payment information, social security numbers, etc. "What are you trying to protect?" is a good question to ask when defining the critical systems.

  3. Update the antivirus software
     It is important to have antivirus software that detects and removes threats from the servers. Automatic updates of the antivirus software are essential to ensure that new viruses are detected systematically. It is the systems administrator's responsibility to ensure that the detection software contains up-to-date virus pattern definitions.

  4. Password protection
    • Use passwords of sufficient length, preferably with characters from different groups: uppercase letters, lowercase letters, numbers and symbols.
    • Use passwords that are easy to remember but difficult for others to guess
    • Do not use dictionary words
    • Never store passwords as plain text or write them down on paper
    • Configure password expiry options
    • Store passwords encrypted
  5. Configure only the essential services
    • Install only the essential components and services, those required to run services and applications
    • Offer only the indispensable network and operating system services on the server
    • Close open UDP/TCP ports that are unnecessary
    • "Deny" first, then "Allow"
    • Delete old accounts
    • Do not grant more access permissions to system resources than the user needs
  6. Update your systems
    • Keep the installation of patches and updates up to date
    • Read the information about patches before applying them
    • Remember to apply updates after an installation
    • Also update the applications, not only the operating systems
  7. Protect your systems from spyware
    • Spyware and adware threaten privacy and productivity. It is important to guard against this malicious software and to protect our servers (when possible) with anti-spyware tools.
  8. Use a firewall
     The firewall manages the incoming and outgoing network traffic, and serves as the first line of defence against external threats. It is important to document the changes made to the firewall configuration.
    • Define an access security policy
    • Configure user authentication
    • Configure the servers with access controls for files and devices.
    • Configure the server for secure remote administration
  9. Ensure the security and integrity of the data
    • Encrypt sensitive data when necessary and possible
    • Replace insecure programs with secure programs
    • Avoid storing passwords and private keys in clear text
    • Securely delete data from storage systems
  10. Monitor your system
    • Read your log files (hackers read them too)
    • Use log analysers
    • Scan your systems periodically with appropriate tools (scan, evaluate, update, correct and rescan)
    • Reinforce your access control policy/user restrictions
    • Delete old accounts from the servers
  11. Document configurations and draw up a contingency plan
    • Document changes to the system configuration
    • Document (step by step) a contingency plan and share it with the rest of the IT staff
  12. Have a backup plan
    • Make sure you have verified your information recovery strategy
    • Update your backup plan annually
    • Train the operators who work with you (if any)
    • Consider a contingency plan
    • Back up the data at least once a day, other data can need backups
    • Backups must be stored in a safe place to avoid theft of or damage to the stored data.
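
For the "configure only the essential services" item (close unnecessary UDP/TCP ports; "Deny" first, then "Allow"), the following is an added example, not part of the original manual: it reports every network listener that is not on an explicit allowlist. The allowlist and the sample `ss` output are constructed assumptions for a hypothetical server.

```bash
#!/usr/bin/env bash
# Added example: report network listeners that are not on an allowlist.
# Anything not explicitly allowed is reported (deny first, then allow).

# Assumption: the only services this hypothetical server is meant to offer.
ALLOWED="tcp/22 tcp/443"

# Constructed sample in the format of `ss -H -tuln`
# (columns: netid state recv-q send-q local-address:port peer-address:port).
SAMPLE_SS='udp   UNCONN 0      0            0.0.0.0:68         0.0.0.0:*
udp   UNCONN 0      0          127.0.0.1:323        0.0.0.0:*
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511          0.0.0.0:443        0.0.0.0:*
tcp   LISTEN 0      80         127.0.0.1:3306       0.0.0.0:*
tcp   LISTEN 0      4096         0.0.0.0:111        0.0.0.0:*
tcp   LISTEN 0      128             [::]:22            [::]:*'

# Read ss output on stdin; print "proto/port address" for each listener
# that is reachable from the network and is not in $ALLOWED.
unexpected_listeners() {
  awk -v allowed="$ALLOWED" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    {
      port = $5; sub(/.*:/, "", port)       # text after the last colon
      addr = $5; sub(/:[^:]*$/, "", addr)   # text before the last colon
      # Loopback-only listeners are not exposed to the network: skip them.
      if (addr ~ /^127\./ || addr == "[::1]") next
      key = $1 "/" port
      if (!(key in ok)) print key, addr
    }' | sort -u
}

# On a real host: ss -H -tuln | unexpected_listeners
printf '%s\n' "$SAMPLE_SS" | unexpected_listeners
```

Each reported line is a service to disable or a port to close, unless it is deliberately added to the allowlist and documented.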
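
For the "monitor your system" item (read your log files, use log analysers), the following is an added example, not part of the original manual: a minimal analyser that counts failed SSH password attempts per source address. The log lines are constructed, in the usual OpenSSH syslog format, and the threshold is an assumption.

```bash
#!/usr/bin/env bash
# Added example: count failed SSH password logins per source address.

# Constructed sample log lines (addresses are from documentation ranges).
SAMPLE_LOG='Mar 12 03:14:01 srv1 sshd[2101]: Failed password for root from 203.0.113.7 port 51122 ssh2
Mar 12 03:14:03 srv1 sshd[2101]: Failed password for root from 203.0.113.7 port 51122 ssh2
Mar 12 03:14:06 srv1 sshd[2104]: Failed password for invalid user admin from 203.0.113.7 port 51130 ssh2
Mar 12 03:14:09 srv1 sshd[2107]: Failed password for invalid user oracle from 203.0.113.7 port 51141 ssh2
Mar 12 08:30:12 srv1 sshd[2290]: Failed password for alice from 198.51.100.23 port 40022 ssh2
Mar 12 08:30:20 srv1 sshd[2290]: Accepted password for alice from 198.51.100.23 port 40022 ssh2
Mar 12 09:02:44 srv1 sshd[2333]: Accepted publickey for bob from 198.51.100.40 port 40100 ssh2'

# Read log lines on stdin; print "source failures invalid-user-failures"
# for every source with at least $1 failures, busiest source first.
failed_login_sources() {
  awk -v min="$1" '
    # The user name is text chosen by the client, so the source address is
    # taken from the fixed tail of the line: "... from ADDR port N ssh2".
    /sshd\[[0-9]+\]: Failed password for / && $(NF - 4) == "from" {
      src = $(NF - 3)
      fails[src]++
      if ($0 ~ /: Failed password for invalid user /) invalid[src]++
    }
    END {
      for (s in fails)
        if (fails[s] >= min + 0) print s, fails[s], invalid[s] + 0
    }' | sort -k2,2nr -k1,1
}

# Assumed threshold: 3 failures. On a real host, feed the sshd log instead.
printf '%s\n' "$SAMPLE_LOG" | failed_login_sources 3
```

Many failures against accounts that do not exist indicate password guessing, which is one more reason to delete old accounts and to restrict remote administration.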
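
For the "have a backup plan" item (make sure you have verified your recovery strategy), the following is an added example, not part of the original manual: a restore drill that extracts an archive into a scratch directory and checks every file against a SHA-256 manifest taken at backup time. File names and contents are constructed sample data; GNU tar, find, sort and sha256sum are assumed.

```bash
#!/usr/bin/env bash
# Added example: a restore drill. A backup is only trusted once a restore
# of it has been checked against a manifest recorded at backup time.

# Archive directory $1 to $2 and write a SHA-256 manifest of its files to $3.
# $2 and $3 must be absolute paths outside $1.
make_backup() {
  ( cd "$1" && find . -type f -print0 | sort -z | xargs -0 sha256sum ) > "$3" &&
    tar -C "$1" -czf "$2" .
}

# Restore archive $1 into a scratch directory and check it against
# manifest $2. Returns 0 only if extraction works and every hash matches.
verify_restore() {
  local scratch rc=1
  scratch="$(mktemp -d)" || return 2
  if tar -C "$scratch" -xzf "$1" 2>/dev/null &&
     ( cd "$scratch" && sha256sum -c "$2" >/dev/null 2>&1 ); then
    rc=0
  fi
  rm -rf "$scratch"
  return "$rc"
}

# Demo on constructed sample data in a temporary directory.
restore_drill_demo() {
  local work rc=0
  work="$(mktemp -d)" || return 2
  mkdir "$work/data"
  printf 'payroll 2019-03\n' > "$work/data/payroll.csv"
  printf 'listen 443\n' > "$work/data/web.conf"
  make_backup "$work/data" "$work/backup.tgz" "$work/manifest.sha256" &&
    verify_restore "$work/backup.tgz" "$work/manifest.sha256" || rc=1
  rm -rf "$work"
  return "$rc"
}

if restore_drill_demo; then echo "restore verified"; else echo "RESTORE FAILED"; fi
```

Keep the manifest apart from the archive it describes, so that damage to the backup storage cannot alter both.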