Summer vacation is just around the corner, and most people look forward to it as always. However, one aspect of the holidays worth remembering is that your servers might be more vulnerable during this time. Many hackers assume that your usual vigilance for monitoring brute force attacks and dictionary attacks, securitiy patching and monitoring is lowered.
Summer vacations are for everyone, including system administrators and techs. The downside to this well-deserved leave is that it might give an attacker at least a couple of weeks to try and hack your servers without anyone noticing it.
Here are a few things you may want to do before you leave work for your summer vacation:
🔒 Security Patches
Make sure your servers and systems (such as firmware for switches, WiFi, and so on) have all necessary security patches installed. Think of it as giving your servers a summer sunscreen!
Antivirus Status
Ensure your antivirus is running and updated. You wouldn’t want your servers catching a virus, would you?
Firewalls and WiFi Entry Points
Have a final look at any entry points to your networks, i.e., firewall rules and WiFi access points. Shutdown everything that doesn’t need to be running. It’s like turning off the garden hose when you’re done watering the plants.
Test Servers
Check around and see that you don’t have any unnecessary test systems running. If your test servers are in a virtual environment, shut them down since they could pose a security risk. Test servers are like those summer leftovers – great at first, but they can become a problem if left unattended.
Inactive And Old Users
Check if your system have old and inactive users, test users etc that maybe should have been cleaned out a lonoog time ago. See it as cleaning out the yard for summer parties. You don’t want the old stuff laying around when the guests come over for a garden party.
🔑 External Access via VPN
Ensure you don’t have any rogue VPN certificates out in the wild or any users active that shouldn’t have access. Consider changing administrative passwords if it’s been a while. It’s like changing the locks before you go on vacation.
🔋 UPS
Check battery and charging levels for your UPS. Should a power failure occur and these things don’t work, you might be forced to fix a failed hard drive during your vacation, and nobody wants that. Imagine fixing a flat tire on your road trip – not fun!
Hardware Health Checks
Check for any hardware errors in your monitoring software (such as the HP Insight interface) to ensure you don’t have hard drives that are predicted to fail or any other hardware malfunction going on. Think of it as a health check-up for your servers.
💾 Backups
Review your backups, logs, and double-check they’re running correctly and that data is duplicated automatically. Especially for any backups that clear log files such as Exchange backups, SQL Server backups. You don’t want to fill up your system drives if you’re not around to take care of it. Backups are like packing extra sunscreen – you want to make sure everything is secure and ready to go.
📋 Contingency Plan
Ensure there’s an updated plan in place with the correct phone numbers and contact info for the right staff and suppliers in case of an emergency. Check the schedules to see who’s on call and make sure the plan is reachable, even if the data center isn’t. It’s like having an emergency contact list for your summer camp.
📡 Network Monitoring
Install software for monitoring and scanning your network and have it alert via email for anything strange such as a new device on your network, a newly created user somewhere, mismatch in network configurations, and so on. You could look at SpiceWorks that’s free and gets the job done if you don’t have anything in place now. Think of it as setting up a security camera to catch any sneaky raccoons.
📧 Out-of-Office Notifications
Set up automatic email and voicemail responses to inform contacts of your absence and provide alternative contact information. It’s like putting up a “Gone Fishing” sign.
Delegation of Responsibilities
Clearly delegate tasks to colleagues who will be covering for you. Ensure they have all necessary access and information. It’s like making sure everyone knows their role in the summer play.
📊 System Monitoring
Ensure that automated monitoring systems are in place and configured to send alerts to designated personnel. Think of it as having a trusty lifeguard keeping an eye on things.
If you have a brute-force prevention in place (which I highly suggest you do, feel free to contact me for suggestions), make sure it works, alerts as expected and that no licenses are expring for it.
🏢 Physical Security
Verify that physical security measures, such as locks and surveillance systems, are functioning properly. It’s like making sure the beach house is secure before you leave.
💻 Software Updates
Ensure all critical software updates are applied, not just security patches. Also make sure licenses will be valid. It’s like updating your summer playlist with the latest hits.
🔐 Access Control
Review and update access control lists to ensure only authorized personnel have access to critical systems. It’s like checking the guest list for your summer barbecue.
🚨 Incident Response Plan
Review and update your incident response plan. Ensure that all team members are aware of their roles and responsibilities in case of a security incident. It’s like having a plan for when the grill runs out of propane.
🔒 Data Encryption
Verify that sensitive data is encrypted both in transit and at rest. It’s like locking up your valuables before you hit the beach.
Redundancy Checks
Ensure that redundant systems and failover mechanisms are operational. It’s like having extra batteries for your summer gadgets.
📚 Documentation
Update and back up all relevant documentation, including system configurations, procedures, and contact lists. It’s like making sure your summer recipes are written down.
📞 Communication Plan
Establish a communication plan for emergencies, including how to reach key personnel and stakeholders. It’s like having a plan for when Aunt Edna calls with a summer emergency.
📜 Review Logs
Conduct a thorough review of system logs for any unusual activity before leaving. It’s like checking your list twice.
💡 Energy Savings
Consider energy-saving measures, such as turning off non-essential equipment. It’s like turning off the lights when you leave the room.
⚖️ Legal and Compliance
Ensure that all legal and compliance requirements are met, particularly those related to data protection and privacy. It’s like making sure your summer decorations comply with HOA rules.
🔏 SSL Certificates
Keep track of expiring SSL certificates and renew them as necessary to avoid any disruptions. It’s like renewing your summer club membership.
📄 On-Call Documentation
Ensure there is good documentation available for anyone who will be on call, including procedures, contact information, and troubleshooting steps. It’s like leaving instructions for the babysitter.
Additional Points to Ensure Smooth Operations
📈 Automated Reports
Set up automated reports to be sent to key personnel. These reports can include system health, security alerts, and performance metrics. It’s like getting a daily update from the lifeguard.
☁️ Cloud Services
Ensure that cloud services are configured correctly and that access controls are up to date. Verify that critical data is backed up to the cloud. It’s like storing your summer gear in the attic.
🔗 Third-Party Services
Confirm that any third-party services you rely on are operational and that you have up-to-date contact information for their support teams. It’s like making sure the caterer has your correct address.
📚 User Training
Provide training or refresher sessions for staff who will be handling critical systems in your absence. Ensure they are comfortable with the procedures and tools. It’s like rehearsing for the summer play.
Redundancy in Staffing
Ensure that there is redundancy in staffing, meaning that more than one person is capable of handling critical tasks. This helps in case the primary person is unavailable. It’s like having backup singers for the summer concert.
📅 Regular Check-Ins
Schedule regular check-ins with the team to ensure everything is running smoothly. These can be brief and conducted via email or messaging apps. It’s like checking in with the lifeguards.
✅ Compliance Checks
Conduct compliance checks to ensure that all systems and processes adhere to relevant regulations and standards. It’s like making sure your summer lights are up to code.
🚨 Incident Simulation
Run a simulation of potential incidents to ensure that the team is prepared to handle emergencies. This can help identify any gaps in the incident response plan. It’s like practicing fire drills.
🔧 Resource Allocation
Ensure that resources (such as spare parts, backup devices, etc.) are readily available in case of hardware failures or other issues. It’s like having extra sunscreen on hand.
📄 Documentation Updates
Regularly update documentation to reflect any changes in systems, processes, or personnel. This ensures that anyone stepping in has the most current information. It’s like updating your summer card list.
By following this comprehensive checklist, you can help ensure that your systems remain secure and operational during your absence. Enjoy your well-deserved summer break! 🌞😊
