Guidelines on Securing Public Web Servers
- Ability to log appropriate server activities to detect intrusions and attempted intrusions
- Provision of a host-based firewall capability
In addition, organizations should consider the availability of trained experienced staff to 
administer the server and server products.  Many organizations have learned the difficult 
lesson that a capable and experienced administrator on one type of operating environment is 
not automatically as effective on another.  
Given the sensitive nature of the Web server, it is critical that it be located in an area that provides a secure physical environment. When planning the location of the Web server, the following items should be considered:

- Does the proposed location offer the appropriate physical security protection mechanisms? Examples include:
  - Locks
  - Card reader access
  - Security guards
  - Physical intrusion detection systems (e.g., motion sensors, cameras)
- Does the proposed location offer the appropriate environmental controls so that the necessary humidity and temperature are maintained?
- Is there a backup power source?
3.2  Security Management Staff 
Because Web server security is tightly intertwined with the organization's general information 
system security posture, a number of IT and system security staff may be interested in Web 
server planning, implementation and administration. This section provides a list of those roles 
and identifies their responsibilities as related to Web server security.  These roles may vary 
with the organization, however, and not all organizations will have the identical roles described 
here. 
3.2.1  Senior IT Management/Chief Information Officer (CIO) 
The Senior IT Management/CIO ensures that the organization's security posture is adequate.  
The Senior IT Management provides direction and advisory services for the protection of 
information systems for the entire organization.  The Senior IT Management/CIO is 
responsible for the following activities that are associated with Web servers: 
- Coordinating the development and maintenance of the organization's information security policies, standards, and procedures
- Coordinating the development and maintenance of the organization's change control and management procedures