Best Practices for Securing Servers

• The Five "A's" of Security
  

  Underlying a successful security program is a comprehensive security policy that defines the details for command, control and compliance and provides a roadmap for maintenance as the program matures.

  The five A's act as general guidelines:

  1. Administration: Determine who will maintain, modify and monitor security policy information.
  2. Authorization: Insist on providing only authorized access.
  3. Asset: Keep all information confidential.
  4. Accountability: Make sure you can track and monitor who performs transactions at all times. Be able to determine if these transactions are appropriate.
  5. Assurance: Understand that the survivability of your program is related to the survivability of your security policy and vice-versa
• CERT's Guideline: UNIX Configuration
• SANS Top 20 Vulnerabilities