Summary
This article is about how to secure data and keep your Machpanel system backed up.
DATA SECURITY
It is an established fact that data is the most critical part of any business today. There is always a chance that big businesses in cloud and hosting industry and their customers/users become a target for cybercrime.
With this ever growing concern of a backdoor/bug penetrating through external sources, it is important that all our customers are aware of known security risks and do their best to take all necessary precautions.
KEY NOTES ON DATA SECURITY
These precautions may include but be limited to:
- Ensuring strong passwords in combination with 2FA,
- Changing the passwords on regular intervals or set up automatic password expiring policy
- Implementing the IP Blocking feature thereby allowing admin access from specific IPs only.
- Implement Port blocking via Firewall so that only the required ports are enabled.
- Up to date Antivirus protection should be implemented to present a security layer.
- To maintain regular Online and Offline Backups (daily backups). These backups should be put in password protected zip file and stored at multiple sources so that even if one machine is affected by a security breach, the backup from other location would allow effective restoration of business data and activities.
SECURITY GUIDELINES:
To be more
elaborative, we would like our customers to familiarize themselves with and
adhere to the below security guidelines:
1. Update
Applications and System when available.
- Keep Browsers & Plugins updated
- Update the OS & other
applications
- Use Security applications, such as
anti-virus/anti-malware
· Choose
reputable, well-known, well-tested
- Choose secure settings recommended by
the software vendor
- Keep Security applications updated
· Use Stable
versions with latest security patches
- Remove unnecessary/insecure 3rd-party
apps, especially those of low reputation
- Configure Multi-Factor Authentication for
sensitive user accounts.
- Be a part of Secure Network
- Minimize open network ports, open
only TCP 443 for MachPanel Front Facing. And TCP 7860 for MachPanel
Control and Remote communication on Internal Network.
- Manage and audit firewall and
firewall rules
- Monitor and log all access attempts
- Use IP Lockdown / Blocking, Port
Blocking techniques.
- Keep MachPanel front-facing websites secure
via SSL by trusted SSL providers.
- Keep all your passwords safe and strong.
Change your passwords periodically.
- Use strong password policy for Active
Directory and MachPanel logins.
- Keep server clock in-sync
- Harden Remote access to MachPanel Server.
- Periodically review logs for suspicious
activity
- Authentications
- User Access activity & changes
- Privilege Elevation & usage
- Maintain server logging, monitor periodically
- Mirror logs to a separate log server
- Scans/Audits of the server - check
for malware/hacks
- Backup Considerations:
- Use regular VM snapshots, MachPanel
database/application/file backups. Maintaining backup schedule and
alerts.
- Use Disaster Recovery (DR) and
High-Availability (HA) safeguards
- Periodically review and practice
Recovery steps
- Establish a periodic archive of your
data to a remote site / data storage location