Server Security and Hardening Standards Appendix A: Server Security Checklist

Server Description

  • Server DNS hostnames: ______________________________________________
  • System administrator names: ________________________________________
  • What services does the server provide? _________________________________
  • Describe the data stored on the servers and its categorization per the Data Classification Standard Policy:
 

Checklist

Check each item in the list that has been verified to be true.

Server Configuration
 
  • Secured with an initial password-protected log-on and authorization.
  • Whole disk encryption is required on portable devices.
  • Whole disk encryption is recommended on desktop workstations.
  • Anti-malware software with the most up-to-date malware database.
  • Separate local admin and user accounts.
  • Up-to-date VPN software.
  • Regular, timely OS and software updates.
 
  • Windows servers in UBAD: use domain controllers
  • All other servers: use tick.acsu.buffalo.edu and/or tock.acsu.buffalo.edu
 
  • A patch management tool should be used if possible.
 
Server Security Monitoring and Protection
 
Access Control
 
  • Tools such as sudo or runas may be used to temporarily elevate privileges of user accounts.
 
  • A new administrator account may be created.

Server Security and Hardening Standards | Appendix A: Server Security Checklist
Version 1.0
11-17-2017