- Community Home
- >
- Servers and Operating Systems
- >
- Servers & Systems: The Right Compute
- >
- Ensure server security by keeping ahead of these f...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Receive email notifications
- Printer Friendly Page
- Report Inappropriate Content
Ensure server security by keeping ahead of these four trends
Ransomware. Human error. Increasing regulations. Here are the top trends that can derail your server security.
Employees are working from home in increasing numbers, putting server security at risk. According to the US Census, about eight million people worked from home in 2017, and that number is sure to rise as employees look to improve their work-life balance. With so many people working outside of the protective perimeter of the corporate network, you must stay aware of the latest risks, so you can take proper precautions to safeguard company data and infrastructure.
Here are four of the newest server security risks and details about what you can do to thwart them.
1. Firmware attacks take off
Cybercriminals have, in the past, gone after low-hanging fruit such as operating systems and applications, which is why patching and upgrading your organization's software infrastructure always was, and continues to be, so important. Today, however, criminals are taking aim squarely at hardware, including servers, printers and processors, and looking for ways they can exploit them via firmware. When you have employees working outside the firewall, your company is even more vulnerable to this type of attack.
In May of this year, the National Institute of Standards and Technology released platform firmware resiliency guidelines that provide a good overview of what you can do to protect your valuable hardware assets. Almost all electronic devices contain some firmware, which is defined as software written in the hardware's nonvolatile memory, allowing it to be stored and retrieved when your server is turned off, or you experience a power outage. You should also look for hardware that will do some of your work for you. For example, HPE builds its industry-leading, economical HPE ProLiant Gen10 servers for agility, speed, and security. Gen10 servers, which are the most secure industry-standard servers in the world, feature the unique Silicon Root of Trust technology. This technology ensures server security by continually checking the firmware to make sure that nothing has changed. If it finds an anomaly that does not match the server's immutable fingerprint, it immediately puts the server into recovery mode, rolling back to the original code.
2. Ransomware is pervasive
If it seems like you can't read the news any given day without hearing about another huge ransomware attack, well – you're right. In fact, there has been a 15-fold uptick in ransomware events over the past two years. By 2019, it is estimated that a company will be infected by ransomware every 14 seconds, according to Cybersecurity Ventures, a leading research company in the field of cyber economics, market data and cybersecurity insights and predictions. When employees work from home there's even more of a risk, especially if they're using their own (potentially) unprotected equipment to connect to your network.
Recovering from a ransomware attack is difficult, and can be very costly for a business. Even those who choose to pay a ransom may be subject to disappointment, since cybercriminals aren't likely to give the data back once they receive their money. In addition, attackers may unencrypt your servers, while leaving another piece of undetected malware running in the background. You could end up having to rip and replace everything, costing your organization millions—if not hundreds of millions—of dollars.
Hewlett Packard Enterprise's HPE Server System Restore, which is available on the company's Gen10 server line as part of an iLO Amplifier Pack, can help you recover up to 10,000 servers with a single click. When you use this process, corrupt firmware is removed and restored to its original configuration; application replication is initiated; and data is recovered from a protected secondary backup repository, among other tasks.
3. Human error is always possible
Even though an error may be unintentional, the fallout from even a small mistake can have major repercussions. For example, an employee using a spoofed password led India's Punjab National Bank to lose $1.8 billion. Unfortunately, this example is not uncommon. Insiders, it seems, are the ones who are unwittingly giving cybercriminals the keys to the castle - and server security. Mobile and home-based employees may put your IT environment at even greater risk, since those who work from home may log on to company servers using unprotected devices and PCs.
As an IT executive, your first step and safest route in thwarting human error is undertaking a full security assessment. HPE's PointNext security risk management and digital protection services include different options that can help you identify and shore up potential risks from employees, and enable ongoing improvements to your organization's IT security. While you can't always stop someone from clicking on a malicious link, you can protect your organization from resulting damage if they do.
4. Regulations make server security paramount
Recently, HPE's Bob Moore sat down with the FBI's James Morrison to discuss trends in cybersecurity and why server infrastructure security is such an important topic for enterprise IT. Currently, the volume of breaches is so high in the United States, and presents such a danger to information consumers, which the FBI believes there will have to be some form of government regulation adopted to preserve and protect privacy rights. A form of this type of regulation is already happening in the EU, with the General Data Protection Regulation (GDPR). The GDPR standardizes data protection law across all 28 EU countries and imposes strict new rules on controlling and processing personally identifiable information.
Going forward, especially as more employees choose to become remote, mobile workers, IT organizations will need a more proactive security stance. You will need to stop bolting on security and go with options that have it built into the infrastructure. You'll need protection, detection, and recovery right in the silicon, much like you find today in HPE's Gen10 server line and the Silicon Root of Trust.
Learning from others' mistakes
When you are proactive and looking out for these issues, your organization can be stronger and less likely to get duped by cybercriminals, making your job easier. In addition, you'll protect not only your network, but your increasingly mobile workforce as well. To learn more, check out Patrick Moorhead's story in Forbes, What You Need to Know About the Latest Security Hacks.
Featured articles:
- From the ground up: Constructing a solid framework for modern enterprise security
- 10 security trends to watch in 2019
- Want to know the future of technology? Sign up for weekly insights and resources
Meet Infrastructure Insights blogger Karen Stealey, IT Journalist.
Karen Stealey has been writing about technology for more than 15 years. Her work has appeared in top technology and business publications including InformationWeek, BusinessWeek, and Forbes.
Infrastructure Insights
Hewlett Packard Enterprise
@HPE_Servers
linkedin.com/company/hewlett-packard-enterprise
- Back to Blog
- Newer Article
- Older Article
- Dale Brown on: Going beyond large language models with smart appl...
- alimohammadi on: How to choose the right HPE ProLiant Gen11 AMD ser...
- Jams_C_Servers on: If you’re not using Compute Ops Management yet, yo...
- AmitSharmaAPJ on: HPE servers and AMD EPYC™ 9004X CPUs accelerate te...
- AmandaC1 on: HPE Superdome Flex family earns highest availabili...
- ComputeExperts on: New release: What you need to know about HPE OneVi...
- JimLoi on: 5 things to consider before moving mission-critica...
- Jim Loiacono on: Confused with RISE with SAP S/4HANA options? Let m...
- kambizhakimi23 on: HPE extends supply chain security by adding AMD EP...
- pavement on: Tech Tip: Why you really don’t need VLANs and why ...
-
COMPOSABLE
77 -
CORE AND EDGE COMPUTE
146 -
CORE COMPUTE
128 -
HPC & SUPERCOMPUTING
130 -
Mission Critical
86 -
SMB
169