Damester
asked on
How to keep data secure on a Windows 2003 web server
Hi experts,
We have a Windows 2003 web server hosting IIS and Apache.
We access it via a terminal service session
We will need to store sensetive data on this first server and then send it out via ISDN
One option is to add a second server which will retain the data sent to it from the first server and have a one way communication via secure VPN, this seems a bit overkill to keep data secure and we'd want this second server to be a disaster recovery for the first. This may cause all sorts of complications like how do we access this second server for maintenance, how does it kick in while still being secure etc
I think we should remove terminal services add secure VPN connections and then add users accounts
for each user (As apposed to one shared account for every administrator).
Then add an account that only has access to this data and only two people know the details of.
Please advise on different setup methods to achieve the best solution using the best technologies.
We must have this data as secure as possible and try to keep it on the web server.
Any advise on securely backiing up this data would also be appreciated.
We have a Windows 2003 web server hosting IIS and Apache.
We access it via a terminal service session
We will need to store sensetive data on this first server and then send it out via ISDN
One option is to add a second server which will retain the data sent to it from the first server and have a one way communication via secure VPN, this seems a bit overkill to keep data secure and we'd want this second server to be a disaster recovery for the first. This may cause all sorts of complications like how do we access this second server for maintenance, how does it kick in while still being secure etc
I think we should remove terminal services add secure VPN connections and then add users accounts
for each user (As apposed to one shared account for every administrator).
Then add an account that only has access to this data and only two people know the details of.
Please advise on different setup methods to achieve the best solution using the best technologies.
We must have this data as secure as possible and try to keep it on the web server.
Any advise on securely backiing up this data would also be appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
That cannot be done, sorry. If you wish, I will half the available points assigned to this question then you can accept Phils answer or I can mark the question for deletion with no points awarded.
Regards
Keith
Regards
Keith
ASKER
Ok assign half the points and I will accept
ASKER