3.2.1 SSH keys
With SSH, any kind of authentication, including password authentication, is completely encrypted. However, when password-based logins are allowed, malicious users can repeatedly attempt to access the server. With modern computing power, it is possible to gain entry to a server by automating these attempts and trying combination after combination until the right password is found.
Setting up SSH key authentication allows to disable password-based authentication. SSH keys generally have many more bits of data than a password, meaning that there are significantly more possible combinations that an attacker would have to run through. Many SSH key algorithms are considered uncrackable by modern computing hardware simply because they…show more content… Secure backups help you survive everything from accidental file deletion to hurricane destruction. Those same backups can also help you survive cyber blackmail. If a cybercriminal threatens to delete your data, you can have it back online almost immediately using your backup system. As a best practice, backup data should be stored in a secure, remote location away from your primary place of business. This protects your data from both physical and cyber threats.
3.2.6 Purchase some protection.
There are numerous proven vendors that can provide firewalls, malware blocking, spam filtering, phishing blocking, virus protection, and intrusion detection software. These companies specialize in network protection and can provide data security that meets the needs and budgets of most businesses.
3.2.7 Encrypt the entire network
You can also encrypt an entire network. One option is IPsec. A Windows Server can serve as the IPsec server and the client capability is natively supported by Windows as well. However, the encryption process can be quite an overhead burden on the network; effective throughput rates can drop dramatically. There are also proprietary network encryption solutions out there from networking vendors, many of which use a Layer 2 approach instead of Layer 3 like IPsec to help with reducing latency and
