Is your network an “opportunity” for a hacker?

SenseiSteve

HD Moderator
Staff member
I wrote this some years ago, but I believe it still applies today.

Hackers are clearly honing their skills as we continue to see stolen credit card data from some major players, and we’re talking now about intrusion attempts from all over the globe probing millions of networks for entry points. More often than not, it’s not you they’re targeting.

They’re looking for opportunities across the breath of the Internet. If your network is vulnerable, trying to recover from an intrusion is a whole lot harder and more expensive than securely locking it down upfront.

What steps should a web hosting provider take to properly secure their network in 2020? Your thoughts?
 

izumi777

Member
We focus on the servers and secure them by updating OS and software to the latest version. We also focus on backups by backing up data to various locations. This protects us from ransomware because we always have data to restore.
 

bprashanth

New member
Security is important at OS, network, access and hardware levels. It is a multi-faceted, multi-domain, inter-departmental necessity that can't be ignored anywhere.

Ignoring it is simply inviting attacks and avoiding responsibility.
 

artichost

New member
At a minimum do a network scan on public blocks and patch stuff. There should never be MGMT exposed from outside unless it's in a SSLVPN with 2 factor auth.
 

WPAuto-Mike

New member
We have hosting provider partners who still have to deal with weak user passwords in Year 2020.

I guess nothing has changed fundamentally in terms of cybersecurity standards, and users are still the most vulnerable even when the entire infrastructure is maintained in the best state of art security implementations.
 

JessicaAceh

New member
the solutions to prevent such things are the same as were years ago. You need to make sure your server and all services are up to date(latest patches and hotfixes). If CC mentioned, it means connection over SSL, in this case, make sure that outdated ciphers and protocols are closed down. In addition, close down all ports from public access, apart from those that should be accessed by clients, players, visitors. And as a last thing, use regular penetration tests.
 

easyhostmedia

Well-known member
We have hosting provider partners who still have to deal with weak user passwords in Year 2020.

I guess nothing has changed fundamentally in terms of cybersecurity standards, and users are still the most vulnerable even when the entire infrastructure is maintained in the best state of art security implementations.

It is the same with user who do not update their scripts like Wordpress etc. thinking they still work, so no need to update them, then eventually i would have ' help my site has been hacked' they dont understand they need to make sure scripts are updated when informed to do so.
 
Top