1. Update anti-virus software
a. It is important to develop appropriate virus detection and eliminate the threat for servers.
b. Automatic updates of anti-virus software are essential to ensure new viruses are caught in a timely and systematic way. The network administrator ensures anti-virus definitions are up to date.
2. Update Operating System and Applications
a. Operating system performance and hardware acceleration improve the overall speed of the system.
b. It is important to develop appropriate virus detection and eliminate the threat for servers. System remains safe against the known security threats.
c. New features improve the functionality.
3. Learn about your system
a. Read appropriate security bulletins available from the vendors.
b. Subscribe for security bulletins from vendors and security advisories.
c. Understand each security issue with relevance to your configuration and environment.
d. Routinely monitor the IT website for updates and announcements.
4. Define critical hosts:
Define critical host machines, which if compromised, could significantly harm the IT/MIS infrastructure, data/records and information system. Proper backup of critical systems is essential.
5. Update anti-virus software
a. It is important to develop an appropriate virus detection procedure and eliminate the threat for servers on an immediate basis.
b. Automatic updates to anti-virus software are essential to ensure new viruses are caught in a timely systematic fashion. It is a responsibility to ensure anti-virus definitions are up to date.
6. Protect passwords
a. Use lengthy smart passwords (minimum length enforced)
b. Make it easy for you to remember and hard for others to guess
c. Use non-dictionary words
d. Never store a password as plain text or write it down on paper
e. Configure password-aging feature
f. Use shadow password feature
7. Configure only essential services
a. Maintain servers with the minimum necessary services and packages.
b. Install only essential components, which are required for running the services and applications.
c. Remove any extra service running on server.
d. Offer only essential network services and operating system services on the server machine.
e. Close unused TCP/UDP ports.
f. "Deny first, then allow"
g. Remove old accounts
h. Do not provide more access to system resources than the user needs
8. Update your systems
a. Patch, patch and re-patch
b. Learn about the patches before applying them
c. Remember to patch after a rebuild
d. Apply the latest service packs
e. Install latest updates and vulnerability hot fixes
f. Make sure to update Applications, not only operating systems
9. Protect your systems from spyware
Spyware and adware pose security, privacy and productivity risks. It is important to keep your system protected from such malicious programs and protect servers (where possible) with appropriate anti-spyware tools.
10. Use a firewall
A firewall is considered a high-risk network device as it helps to govern the network traffic to and from the network. It needs monitoring in real time, and serves as a primary line of defense against external threats. Make sure any change made to the firewall configuration is properly documented.
11. Define secure access policy
a. Configure computers for user authentication
b. Configure servers with appropriate object, device and file access controls
c. Configure server for secure remote administration (VPN providing encryption and secure authentication)
12. Physically protect servers
a. Allow only appropriate physical access to computers
b. Do not leave the console logged in at any point of time; the console should be locked when not in use.
c. Configure 'time out' feature on your console system
13. Ensure data security and integrity
a. Encrypt sensitive data where possible and needed
b. Replace insecure programs with secure ones
c. Avoid storing clear text passwords and private keys
d. Securely remove data from storage media
14. Monitor your system
a. Read log files
b. Use Log Analyzer
c. Scan Systems periodically using appropriate tools (scan, evaluate, update, correct and re-scan)
d. Enforce access control rules for users / user restrictions
e. Remove old accounts from machines
15. Document configurations and disaster recovery
a. Document any changes in the system configuration
b. Document (in steps) a disaster recovery plan and share it with your IT staff
16. Have a backup plan
a. Make sure you have a tested backup strategy
b. Keep your plan up to date by at least annual evaluation
c. Train User Support Staff and Hardware Tech that work with you
d. Plan for the worst, this should be part of disaster recovery plan
e. Test the backup media, replace it if it needs replacement and don't take risks
f. Identify what data needs to be backed-up (prioritize the data)
g. Data should be backed up at least once a day, other data might need more frequent back-ups per day
h. Backup media should be kept in a secure locked storage to prevent theft or tampering with stored data
1. Security of Network. The aim of network security measures is to secure the computer system/storage media containing official files, programs, Oracle databases and their precious data from unauthorized disclosure. Network security should be viewed as taking several steps, each of which gives some level of security, but when used in conjunction with each other as a 'team' can be extremely effective:
a. User names, passwords or other computer access codes should not be shared or disclosed to anyone. They should be known to the designated officer/staff, and he/she should operate the computer with only the designated user name.
b. Change passwords at least once a month, preferably on a fortnightly basis. Use a strong password - a combination of numbers, symbols, and letters (uppercase and lowercase) is recommended.
c. Properly arrange in-use files on your designated computers and take regular backups in a separate centralized place. In case the computer's hard disk becomes faulty, the information/files can be recovered.
d.
e. Deletion of official files is not allowed prior to backup.
f. Do NOT connect any personal hardware to network computer.
g. If file sharing is required, contact IT & MIS department. Files will be shared inter departmental through restricted folder.
h. Password protection of Word/Excel files is not allowed. If a password is applied to any important official files/working, it is required to inform the MIS Department with a list of such files and passwords.
j. Notify all suspicious or unusual computer problems to IT & MIS department immediately and follow their instructions.
k. To ensure the computers remain free of viruses, USB drives/CDs/DVDs are not allowed to be used.
l. Playing of computer games in office is strictly not allowed.
m. In order to increase the life span of computers, printers and other computer accessories, it is required that computer and printer should be properly shutdown after working hours/idle time.
n. Servicing of computers/printers is the responsibility of IT & MIS staff; however, cleaning of the computer, monitor, keyboard and printer is required to be carried out on a daily basis by the concerned staff operating the computer.
o. Violation of the computer security measures notified above can lead to withdrawal of the system and appropriate disciplinary action.
2. Internet Security Measures. Along with the convenience and easy access to information through the internet, many potential risks are involved while browsing the internet. A computer system connected to the internet is likely to be attacked by computer hackers and hostile agencies. Therefore, all efforts must be made to secure the system and information. The following measures should be strictly adhered to:
a. Do not download software or any executable file from the internet. Simply visiting a compromised website can infect a computer with a virus, worm, Trojan horse, spyware etc., which can be harmful for important data and costly IT infrastructure.
b. Do NOT open unsolicited e-mail/spam e-mail containing file attachments that are commonly used to spread threats (virus, worm, Trojan horse etc.), such as .vbs, .bat, .exe, .pif and .scr files.
c. Confidential information/official letters must not be sent through the Internet without prior permission by the Administrator.
d. The use of the internet for a private purpose, personal e-mails, games and group chatting is not allowed on official connections.
e. Any misuse or damage caused by the user is traceable by the IT Department; in case of any such event, strict disciplinary action may be taken against the user.
ACTIVE DIRECTORY PROMOTE AND DEMOTE
To move FSMO roles from one DC to another DC, follow these steps:
1. To Transfer the Domain-Specific RID Master, PDC Emulator, and Infrastructure Master FSMO Roles:
a. Open the Active Directory Users and Computers snap-in from the Administrative Tools folder.
b. While logged on to the domain controller, in the snap-in, right-click the icon next to Active Directory Users and Computers and press Connect to Domain Controller.
c. Select the domain controller that will be the new role holder, the target, and press OK.
d. Right-click the Active Directory Users and Computers icon again and press Operation Masters.
e. Select the role to transfer and press the Change button.
f. Press OK to confirm the change.
g. Press OK
2. To Transfer the Domain Naming Master Role:
a. Open the Active Directory Domains and Trusts snap-in from the Administrative Tools folder.
b. Right-click the icon next to Active Directory Domains and Trusts and press Connect to Domain Controller.
c. Select the domain controller that will be the new role holder and press OK.
d. Right-click the Active Directory Domains and Trusts icon again and press Operation Masters.
e. Press the Change button.
f. Press OK to confirm the change.
g. Press OK all the way out.
3. To Transfer the Schema Master Role:
a. Register the Schmmgmt.dll library by pressing Start > RUN and typing: regsvr32 schmmgmt.dll
b. Press OK. A success confirmation will be displayed.
c. From the Run command open an MMC Console by typing MMC.
d. On the Console menu, press Add/Remove Snap-in.
e. Press Add. Select Active Directory Schema.
f. Press Add and press Close. Press OK.
g. Right-click the Active Directory Schema icon in the Console Root and press Change Domain Controller.
h. Press Specify and type the name of the new role holder. Press OK.
i. Right-click the Active Directory Schema icon again and press Operation Masters.
j. Press the Change button.
k. Press OK.
4. To remove a domain controller from a Windows server, follow these steps:
a. Click [Start]. Type [dcpromo] and then Press [Enter Key]
b. Click [Next] at the [Welcome to the Active Directory Domain Services Installation Wizard]
c. Read the warning message and then Click [OK]
d. Check [Delete the domain because the server is the last domain controller in the domain] and then Click [Next] at the [Delete the Domain]
e. Click [Next] at the [Application Directory Partitions]
f. Check [Delete all application directory partitions on the Active Directory domain controller] and then Click [Next] at the [Confirm Deletion]
g. Wait for [Checking if DNS deletion needs to be removed...]
h. Specify Local Administrator's password. Type [password] twice and then Click [Next] at the [Administrator Password]
i. Review [Summary] and then Click [Next]
j. De-promotion is processing. Check [Reboot on completion]
k. After depromotion process, the server will be rebooted automatically.
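A check for the FSMO transfers in steps 1 to 3, useful before the demotion in step 4, added here as an example and not part of the original procedure: it lists any of the five roles not yet held by the intended new role holder. The DC names and the sample snapshot are constructed; the live query assumes the ActiveDirectory PowerShell module (RSAT) is installed.

```powershell
# Added example, not from the original procedure. DC names are hypothetical.
# The live query needs the ActiveDirectory module (RSAT) on a domain-joined host.

function Get-FsmoRoleHolders {
    # Read the three domain-wide and two forest-wide operations master roles.
    Import-Module ActiveDirectory -ErrorAction Stop
    $domain = Get-ADDomain
    $forest = Get-ADForest
    [ordered]@{
        RIDMaster            = $domain.RIDMaster
        PDCEmulator          = $domain.PDCEmulator
        InfrastructureMaster = $domain.InfrastructureMaster
        DomainNamingMaster   = $forest.DomainNamingMaster
        SchemaMaster         = $forest.SchemaMaster
    }
}

function Get-RolesNotHeldBy {
    param(
        [Parameter(Mandatory)] [System.Collections.IDictionary] $RoleHolders,
        [Parameter(Mandatory)] [string] $TargetDC
    )
    # Compare short host names case-insensitively so "DC02" matches "dc02.corp.example".
    $target = ($TargetDC -split '\.')[0]
    foreach ($role in $RoleHolders.Keys) {
        $holder = ([string]$RoleHolders[$role] -split '\.')[0]
        if ($holder -ine $target) {
            [pscustomobject]@{ Role = $role; CurrentHolder = $RoleHolders[$role] }
        }
    }
}

# Constructed snapshot: the schema master transfer (step 3) has not been done yet.
$snapshot = [ordered]@{
    RIDMaster            = 'dc02.corp.example'
    PDCEmulator          = 'dc02.corp.example'
    InfrastructureMaster = 'dc02.corp.example'
    DomainNamingMaster   = 'dc02.corp.example'
    SchemaMaster         = 'dc01.corp.example'
}

$pending = @(Get-RolesNotHeldBy -RoleHolders $snapshot -TargetDC 'DC02')
if ($pending.Count -eq 0) {
    Write-Output 'All five FSMO roles are on DC02.'
} else {
    Write-Warning 'Roles still on another domain controller:'
    $pending | Format-Table -AutoSize
}

# Live check: Get-RolesNotHeldBy -RoleHolders (Get-FsmoRoleHolders) -TargetDC 'DC02'
```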
SYSTEM STATE BACKUP USING BACKUP UTILITY
1. To back up the System State using the Backup utility, follow these steps:
a. To back up the system state (including the registry, software, security, Security Accounts Manager (SAM), and the default user), run the Windows Server Backup tool (ntbackup.exe).
b. To run Backup tool click Start > All Programs > Accessories > System Tools > Backup.
c. By default, the Windows Server Backup tool runs in wizard mode. To change to Advanced mode, uncheck the Always Start In Wizard Mode check box, click Advanced Mode and then click the Backup tab.
d. On the Job menu, click "New" and check the "System State" check box.
e. Enter the destination file name at "Backup media or file name". In the Backup media or file name box, specify path f:\ and file name 200618.bkf (System Date) for the backup (.bkf) file.
f. In "Backup Job Information" dialog box, click "Start Backup" to start backup operation.
GSM/GPRS/SMS TRACKER
1. A tracker device with a built-in battery and a unique IMEI number, with the following features, is recommended:
a. GPS (Give location in terms of latitude and longitude).
b. SMS/GPRS (transfer data over cellular)/Internet Data Transmission.
c. Remote Configuration Facility through SMS and Web Interface.
2. A SIM is installed in the tracker device with GPRS settings enabled. The following packages are used in the tracker system:
a. SMS Package for 12 months
b. GPRS package for one month (As and when required).
3. For tracking, the tracker provides the geographical location of the vehicle. The following benefits are achieved:
a. Exact location of vehicle.
b. Remote setup/control by mobile phone.
c. Geo Fencing: Perimeter marking and demarcation control of vehicle.
d. In case of emergency, listening can be enabled from devices.
e. Emergency switch off from devices.
f. Anti-Jammer Technology.
4. SMS Based Tracking. The device sends an SMS to authorized numbers at a specified time/interval, depending upon configuration, reporting its exact location, which can be opened in Google Maps.
5. Web Based Tracking. A GPS based tracking web portal offers tracking of the mobile van via the tracker in real time. The tracker regularly updates its location to the web site through GPRS, which keeps track of vehicle movement.