Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to keep data secure on a Windows 2003 web server

Posted on 2006-07-11
6
Medium Priority
?
204 Views
Last Modified: 2013-12-04
Hi experts,

We have a Windows 2003 web server hosting IIS and Apache.
We access it via a terminal service session
We will need to store sensetive data on this first server and then send it out via ISDN

One option is to add a second server which will retain the data sent to it from the first server and have a one way communication via secure VPN, this seems a bit overkill to keep data secure and we'd want this second server to be a disaster recovery for the first. This may cause all sorts of complications like how do we access this second server for maintenance, how does it kick in while still being secure etc

I think we should remove terminal services add secure VPN connections and then add users accounts
for each user (As apposed to one shared account for every administrator).
Then add an account that only has access to this data and only two people know the details of.

Please advise on different setup methods to achieve the best solution using the best technologies.
We must have this data as secure as possible and try to keep it on the web server.
Any advise on securely backiing up this data would also be appreciated.
0
Comment
Question by:Damester
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 12

Accepted Solution

by:
Phil_Agcaoili earned 500 total points
ID: 17106032
Separate "remote control" from the "sensitive data repository" server, so have a front end remote access server in a DMZ (behind a firewall) and then Web server with sensitive information on the inside of your network.

For disaster recovery, you have 2 separate functioning systems that have 2 different sets of security controls and requirements.

Also, why not an SSL VPN solution? There are some great ones out there that can give you full control of your server from the Net.

0
 

Author Comment

by:Damester
ID: 17387923
I would like to award half the points to this answer and delete the question
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17388276
That cannot be done, sorry. If you wish, I will half the available points assigned to this question then you can accept Phils answer or I can mark the question for deletion with no points awarded.

Regards
Keith
0
 

Author Comment

by:Damester
ID: 17410059
Ok assign half the points and I will accept
0

Featured Post

Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question