Server Security

a) Server Access Control

i) Servers must adhere to the CIS security benchmarks before being put into production. ii) Server administrators must access servers and databases through a bastion host (jump server) for authorization.

b) Server Anomaly and Access Monitoring

i) Through active and passive discovery systems, abnormal behaviors such as server vulnerabilities, component vulnerabilities, trojans, abnormal external links, and unauthorized server access are scanned and monitored in real-time. In the event of an anomaly, an alert notification is generated to notify security personnel for further investigation and handling.