How To Protect Your Servers From Hackers

how to protect business servers from hackers strong passwords company cyber security

Hackers have become more and more sophisticated as time goes by. Now, even businesses with the best in professional protection tools can potentially become a target, and negligence is at the forefront of almost all cybersecurity problems. In fact, a large percentage of people neglect their passwords, and 80% of all data breaches are linked to compromised passwords. 

What does this mean for your business? It means that protecting your servers is more dire than ever, and there are certain steps you’ll need to take to ensure maximum protection. In this guide, we’ll cover some of the most important steps to securing your servers from hackers. 

Stay Up To Date With The Latest Threats 

Ransomware has become one of the greatest threats to servers/businesses in recent years. A simple ransomware attack can potentially cripple a business, and, in some cases, the hacker gets the ransom and is never caught. After all, a business can’t afford to be offline for a day or more, and many businesses simply cave to the pressure and pay the ransom so they can get up and running again. 

Ransomware is often delivered via email. A simple download of an attached file, or sometimes, just opening a suspicious email can deliver ransomware directly to your local system or even the servers. You can protect against ransomware with Sentinel One and other cybersecurity tools. 

It’s important as a business to keep your employees up to date with the latest cyber threats, as well as enact strict policies for company-wide cybersecurity. Some companies employ a spam filter, which filters any suspected emails into a spam account totally separate from the main email server. 

Keep Software Up To Date 

Out-of-date software can act as a gateway into your system. Outdated software often doesn’t have the latest virus definitions or protections, and hackers will definitely exploit it if they can. All software should be set on an auto-update schedule whenever possible. If that’s not possible for your business, make sure to check daily for software updates from the publisher. 

Protect Your Passwords 

Passwords are one of the most important cybersecurity tools at your disposal, and one of the most overlooked. Too many people don’t take passwords seriously enough at work or at home, to the detriment of businesses and individuals everywhere. The problem with passwords is that they’re so powerful, yet so vulnerable at the same time, and we’re not taking them seriously. 

A good password looks like this: 

R2st$%k0)(i@fGh2Vb1a 

Notice how the password contains none of the following: 

● Names, addresses, birthdays 
● Repeating characters 
● Only numbers, letters, and symbols 
● Easily identifiable personal or company info 
● Dictionary words or phrases 

According to this password checker, a computer would take one trillion years to hack this password. Let’s look at a poor password. 

John is an accountant born in 1964 for John and Burrow Accountants, LLC. This is his password, which he recycles for nearly every one of his accounts both at home and the office: 

john1964Burrows 

There are several problems with John’s password. Despite having a combination of letters and numbers, it contains no symbols. There are also several repeating characters, John’s actual name, and the name of his workplace. While the password checker estimates a one hundred million-year timeline for a computer to crack the password, that’s just the computer’s answer. A good hacker could easily figure out this password with just a bit of information on John—most of which would probably be publicly available. 

The bottom line on password protection? Passwords need to be taken much more seriously. Make good password habits the core of your company’s cybersecurity training program. Ensure that employees don’t recycle their passwords across multiple accounts, and use a password manager where you can. Also don't forget to turn on 2FA, or two factor authentication for added security in case a password is discovered by a hacker. We'll get into more of this later to help avoid your company from becoming helplessly hacked.

Monitor Your Cloud Backups 

Nowadays, many businesses store the bulk of their information on the cloud. Why? Because it’s safe, secure, and accessible. But, like anything on the web, cloud servers can be hacked. It’s important to constantly monitor those cloud backups and provide the right protection for them. The backups are in place just in case your core data is stolen or becomes corrupted. Don’t take the risk of losing your backups, too. Use a service like Sentinel One to monitor your backups and address potential threats before they cause damage. 

Close Network Ports 

Your firewall should be severely limiting the traffic that flows through your server ports. Adopt a policy of blocking any traffic that you don’t expect or don’t need to your servers. Filter all traffic coming in and out, and filter open ports to only allow traffic from necessary sources. This limits the traffic coming into your servers, thus reducing the potential for hackers to cause a breach. 

Use Multi-Factor Authentication 

If possible, every company account should come with MFA. Multi-factor authentication can sometimes mean the difference between a hacker being locked out or gaining access to the entire system. When you set up a password, include MFA as a backup option. All employees should understand and know how to use their MFA for each account. Any unauthorized access will trigger the MFA, both securing the account and notifying you that someone is attempting to gain access. 

Cybersec Conclusion 

Good cybersecurity in business can sometimes mean the difference between a healthy business and a bankrupt one. The average cost of a data breach is between about $30,000 and anywhere over one million dollars. The more you invest in your company’s cybersecurity to prevent getting hacked, the more your business will save in the long run.

Bootstrap Business Blog Newest Posts From Mike Schiemer, Partners, & Blog Outreach Services