Security Differentiators for Servers, Laptops: 10 Best Practices
Servers Require Moreand More SpecificSecurity
When it comes to securing these two types of systems, more broad-based policies and controls can be applied to laptops. However, servers require specific policies and controls based on the data, application functions or the environment in which it resides. Servers by nature are set at "default deny." However, laptops maintain a "default allow" setting.
Whether it's a handheld device, a desktop, laptop, server or cloud application, users need to be aware of how the data on the device or service is secured. Each IT tool requires a specific type of security; servers need custom protection of critical data without impacting performance. Blanket protection is suitable for laptops, and performance impact is a nonissue. Both servers and laptops must be protected against malicious activity. However, only servers require additional system configuration and change visibility. Continuous availability is extremely important for servers. They cannot be rebooted on a whim. While continuous availability for users' laptops is less important, reboots for laptops are both acceptable and occur quite often. Laptops connect to multiple unprotected networks at various locations, while servers only connect to one network in one location. Servers store and process vast amounts of confidential records containing sensitive data. Laptops can store large amounts of confidential data that must be protected, but not on the scale of a server. The evidence of this is apparent with each news report of a laptop containing thousands of financial, business transaction or health care records being lost or stolen. With these specificities in mind, eWEEK and Neelum Khan, senior product marketing manager at Symantec, have teamed to present some best practices for configuring security for laptops and servers.