Server and cloud security - what decision-makers need to know now
Following the protection of end devices and clients, the focus is now shifting to servers and cloud systems - and therefore the heart of every IT infrastructure. This is where central applications run and where business-critical data is stored. The security requirements for these systems are correspondingly high. In part 4 of our series, we show how companies can effectively protect servers - whether physical or virtual - and cloud environments. The aim is to raise awareness of essential security measures that both protect against cyber attacks and meet the requirements of cyber insurance.
Secure server infrastructures on-premises
Even though cloud offerings continue to gain ground, many companies still operate their own servers - in the data center or in the server room on site. Basic security principles apply to these systems and must be implemented consistently.
Patch management is a key element. Security updates for operating systems and server applications must be applied regularly and promptly, with the shortest deadlines for systems that are reachable from the Internet: an unpatched, Internet-facing system is picked up by automated scanning and can be exploited within hours of a vulnerability becoming public. Network segmentation is just as important: critical systems belong in their own network zones whose traffic is strictly controlled, so that an attacker who compromises one system cannot move laterally through the entire network.
Further technical measures such as firewalls and intrusion prevention systems protect servers from unauthorized access and suspicious traffic. Administrative access is particularly sensitive: it should be restricted to named, authorized persons, secured by multi-factor authentication and, where possible, limited to a dedicated administration network or jump host. Every access and every change to a system should be logged so that it can be traced back to a person and a point in time, and the logs should be forwarded to a separate system that the administrators themselves cannot modify.
One point that is often underestimated is backups. It is not enough just to back up file servers regularly. Configuration data - from domain controllers, for example - and database contents must also be backed up reliably, and the restore must be tested, because a backup that has never been restored is of unknown value. At least one copy should be kept offline or immutable, since ransomware routinely targets backups that are reachable from the compromised network. To ensure that companies are actually prepared in an emergency, documentation matters as much as the technical implementation: update logs, network plans and access logs are often prerequisites for insurance cover or external audits.
Cloud security: much of the responsibility lies with the customer
Many companies now use services from the cloud - for example AWS, Azure or Google Cloud. A common misconception is that the provider automatically takes care of security as a whole. In reality the "shared responsibility" model applies: the provider is responsible for the security of the cloud itself - data centers, hardware and the underlying platform services - while the customer is responsible for security in the cloud: the data, the users, the assignment of rights and the configuration of the services used. Where exactly the line runs depends on the service model; with a virtual machine the customer also patches the operating system, whereas with a managed database the provider does.
This means that systems in the cloud must also be kept up to date, configurations hardened and access controlled. Ports open to the Internet, access keys that are shared, embedded in code or never rotated, and unencrypted databases are typical weaknesses that must be avoided. All major cloud platforms offer security functions such as firewall services (security groups), identity and access management (IAM) and encryption of data at rest. These tools should be used consistently - supplemented by clear, written security standards, for example mandatory encryption of sensitive data or continuous logging of all administrator access.
It is also advisable to monitor the cloud environment continuously. Suspicious access, configuration changes and unauthorized logins should be detected promptly, which presupposes that the platform's audit log is switched on and retained. This is where cloud-native monitoring services or a central SIEM come into play. For companies with multiple cloud providers or hybrid structures, cloud security posture management (CSPM) solutions help to assess the security status of the entire environment centrally and to identify misconfigurations early.
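As an added example (not code from the article, and not tied to any particular provider), the following Python script applies three of the detection rules described above to a handful of constructed audit events: a privileged login without MFA, a burst of failed logins from one address, and a firewall rule opened to the whole Internet. The event format, the account names, the IP addresses and the thresholds are assumptions; a real deployment would read the provider's audit log (CloudTrail, Azure Activity Log, Cloud Audit Logs) and hand the alerts to the SIEM.

```python
"""Detection rules over constructed cloud audit events (added example)."""
from datetime import datetime, timedelta

PRIVILEGED_USERS = {"root", "admin"}   # assumption: names of break-glass accounts
WORLD_CIDRS = {"0.0.0.0/0", "::/0"}
FAIL_THRESHOLD = 5                     # failed logins from one IP ...
FAIL_WINDOW = timedelta(minutes=5)     # ... within this window => brute force


def login(t, user, ip, mfa, outcome):
    """Build a constructed console-login event (provider-neutral shape, an assumption)."""
    return {"time": t, "event": "ConsoleLogin", "user": user,
            "src_ip": ip, "mfa": mfa, "outcome": outcome}


def sg_change(t, user, ip, group, port, cidr):
    """Build a constructed firewall (security group) change event."""
    return {"time": t, "event": "AuthorizeSecurityGroupIngress", "user": user,
            "src_ip": ip, "mfa": True, "outcome": "success",
            "details": {"group": group, "port": port, "cidr": cidr}}


# Constructed sample log: one ordinary day with three things that should alert.
EVENTS = [
    login("2025-03-01T08:02:11Z", "alice", "203.0.113.5", True, "success"),
    login("2025-03-01T08:05:40Z", "root", "198.51.100.7", False, "success"),  # root without MFA
    login("2025-03-01T09:10:01Z", "bob", "192.0.2.44", False, "failure"),
    login("2025-03-01T09:10:32Z", "bob", "192.0.2.44", False, "failure"),
    login("2025-03-01T09:11:05Z", "bob", "192.0.2.44", False, "failure"),
    login("2025-03-01T09:11:48Z", "bob", "192.0.2.44", False, "failure"),
    login("2025-03-01T09:12:30Z", "bob", "192.0.2.44", False, "failure"),    # 5 failures in 2.5 min
    login("2025-03-01T09:40:00Z", "carol", "203.0.113.9", True, "failure"),  # a single typo, no alert
    sg_change("2025-03-01T10:30:00Z", "alice", "203.0.113.5", "sg-db", 5432, "0.0.0.0/0"),   # DB port to the world
    sg_change("2025-03-01T10:31:00Z", "alice", "203.0.113.5", "sg-db", 5432, "10.0.2.0/24"), # internal, fine
]


def parse_time(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def detect(events):
    """Return a list of (rule, subject, detail) alerts for the given events."""
    alerts = []
    failures = {}  # src_ip -> timestamps of failed logins
    for ev in events:
        ts = parse_time(ev["time"])
        if ev["event"] == "ConsoleLogin":
            if ev["outcome"] == "success" and ev["user"] in PRIVILEGED_USERS and not ev["mfa"]:
                alerts.append(("privileged_login_without_mfa", ev["user"], ev["src_ip"]))
            elif ev["outcome"] == "failure":
                failures.setdefault(ev["src_ip"], []).append(ts)
        elif ev["event"] == "AuthorizeSecurityGroupIngress":
            d = ev["details"]
            if d["cidr"] in WORLD_CIDRS:
                alerts.append(("firewall_rule_opened_to_world", ev["user"],
                               f"{d['group']} port {d['port']} from {d['cidr']}"))
    # Sliding window over each source address's failed logins.
    for ip, times in failures.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > FAIL_WINDOW:
                start += 1
            if end - start + 1 >= FAIL_THRESHOLD:
                alerts.append(("login_brute_force", ip,
                               f"{end - start + 1} failed logins within {FAIL_WINDOW}"))
                break
    return alerts


if __name__ == "__main__":
    for rule, subject, detail in detect(EVENTS):
        print(f"ALERT {rule}: {subject} ({detail})")
```

Run as written, the script raises exactly three alerts (the root login, the five failures from 192.0.2.44, and the security group rule for 0.0.0.0/0); the single failed login by carol and the internal rule change stay quiet. In practice the first rule is usually stricter: if policy says the root account is never used, every successful root login is an alert, MFA or not.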
Challenges due to dynamics and automation
Compared to a classic server environment, the cloud is highly dynamic: resources are created, moved and deleted automatically, often many times a day. Security processes must therefore be automated as well. A good example is the automated provisioning of new server instances: firewall rules, monitoring agents and encryption should be rolled out together with the instance rather than added by hand afterwards. Infrastructure as Code (IaC) tools make this possible and allow security checks to be integrated into the development and deployment process, so that a non-compliant definition is rejected before anything is deployed.
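As an added example (not code from the article), the following Python script shows what such a pre-deployment check can look like: it evaluates a constructed resource inventory of the kind an IaC plan or a CSPM export would produce against three of the weaknesses named in the cloud section above (administrative ports open to the Internet, unencrypted or publicly reachable databases, access keys that were never rotated) and refuses deployment if anything rated high or critical is found. The inventory format, resource names, port list, the 90-day rotation limit and the fixed reference date are assumptions.

```python
"""Policy-as-code posture check over a constructed resource inventory (added example)."""
from datetime import date

ADMIN_PORTS = {22, 3389, 5985, 5986, 1433, 3306, 5432, 6379, 27017}  # SSH, RDP, WinRM, DB ports
WORLD_CIDRS = {"0.0.0.0/0", "::/0"}
MAX_KEY_AGE_DAYS = 90                  # assumption: rotation policy
REFERENCE_DATE = date(2024, 12, 31)    # fixed "today" so the check is reproducible

# Constructed inventory, shaped like a simplified IaC plan or CSPM export (assumption).
INVENTORY = [
    {"type": "security_group", "id": "sg-web", "ingress": [
        {"port": 443, "cidr": "0.0.0.0/0"},     # public HTTPS: intended
        {"port": 22, "cidr": "0.0.0.0/0"},      # SSH from anywhere: finding
    ]},
    {"type": "security_group", "id": "sg-db", "ingress": [
        {"port": 5432, "cidr": "10.0.1.0/24"},  # database only from the app subnet
    ]},
    {"type": "database", "id": "customers-prod", "encrypted": False, "public": False},
    {"type": "database", "id": "reports", "encrypted": True, "public": True},
    {"type": "access_key", "id": "key-deploy-1", "user": "deploy", "created": "2024-01-05"},
    {"type": "access_key", "id": "key-ci-2", "user": "ci", "created": "2024-11-20"},
]


def check_security_group(res):
    """Flag administrative ports that are reachable from the whole Internet."""
    for rule in res["ingress"]:
        if rule["cidr"] in WORLD_CIDRS and rule["port"] in ADMIN_PORTS:
            yield ("open_admin_port", "high",
                   f"{res['id']}: port {rule['port']} reachable from {rule['cidr']}")


def check_database(res):
    """Flag databases without encryption at rest or with public reachability."""
    if not res["encrypted"]:
        yield ("unencrypted_database", "high", f"{res['id']}: encryption at rest disabled")
    if res["public"]:
        yield ("public_database", "critical", f"{res['id']}: publicly reachable")


def check_access_key(res, today):
    """Flag long-lived keys that are past the rotation limit."""
    age = (today - date.fromisoformat(res["created"])).days
    if age > MAX_KEY_AGE_DAYS:
        yield ("stale_access_key", "medium",
               f"{res['id']} ({res['user']}): {age} days old, rotate")


CHECKS = {
    "security_group": lambda r, today: check_security_group(r),
    "database": lambda r, today: check_database(r),
    "access_key": check_access_key,
}


def evaluate(inventory, today=REFERENCE_DATE):
    """Run every applicable check; return a list of (rule, severity, message)."""
    findings = []
    for res in inventory:
        check = CHECKS.get(res["type"])
        if check is not None:
            findings.extend(check(res, today))
    return findings


def deployment_allowed(findings):
    """Gate for a CI/CD pipeline: block on anything high or critical."""
    return not any(sev in ("high", "critical") for _, sev, _ in findings)


if __name__ == "__main__":
    found = evaluate(INVENTORY)
    for rule, sev, msg in found:
        print(f"[{sev.upper():8}] {rule}: {msg}")
    print("deploy:", "allowed" if deployment_allowed(found) else "BLOCKED")
```

On the constructed inventory this produces four findings (SSH open to the world on sg-web, the unencrypted customer database, the public reports database and the 361-day-old deploy key) and blocks the deployment; port 443 open on the web tier is accepted because it is not an administrative port. Run against a real plan, the same gate turns the written security standard into something a pipeline enforces automatically.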
The flow of data in the cloud must also be considered carefully. Companies should know where their most sensitive data is located - customer databases, for example - and who is allowed to access it. Access controls and monitoring must be geared towards these "crown jewels". Another important aspect is backups. Cloud data can also be deleted by accident or encrypted by ransomware, and a compromised cloud account can delete the backups along with the production data. It is therefore crucial to ensure regular, documented backups in the cloud too - stored in a separate account or under separate credentials, and with tested recovery procedures.
Security measures should not only be implemented but also checked and tested regularly. This includes penetration tests, restore tests for backups and the simulation of system failures. Such tests reveal vulnerabilities before an attacker exploits them, and they also show whether the documented procedures actually work under time pressure.
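As an added example (not from the article), the following Python script shows the smallest useful form of the restore test mentioned above and of the backup requirements in the server and cloud sections: it backs up a small constructed directory tree (a config file and a database file standing in for configuration data and database contents), records a SHA-256 manifest, deletes the original to simulate loss, restores the archive into a fresh location and checks every file against the manifest. The sample files, paths and the tar.gz format are assumptions; the restore step deliberately writes only regular files and directories and refuses entries that would land outside the restore directory.

```python
"""Backup, restore and verification drill on constructed data (added example)."""
import hashlib
import json
import shutil
import tarfile
import tempfile
from pathlib import Path


def hash_tree(root):
    """Return {relative_path: sha256 hex} for every regular file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def make_backup(src_dir, archive_path):
    """Write a gzip tarball of src_dir plus a JSON manifest; return the manifest."""
    manifest = hash_tree(src_dir)
    with tarfile.open(archive_path, "w:gz") as tar:
        tar.add(str(src_dir), arcname=".")
    Path(f"{archive_path}.manifest.json").write_text(json.dumps(manifest, indent=2))
    return manifest


def restore(archive_path, dest_dir):
    """Extract regular files and directories only, refusing paths outside dest_dir."""
    dest = Path(dest_dir).resolve()
    dest.mkdir(parents=True, exist_ok=True)
    with tarfile.open(archive_path, "r:gz") as tar:
        for member in tar.getmembers():
            target = (dest / member.name).resolve()
            if target != dest and dest not in target.parents:
                raise ValueError(f"refusing entry outside restore dir: {member.name}")
            if member.isdir():
                target.mkdir(parents=True, exist_ok=True)
            elif member.isfile():
                target.parent.mkdir(parents=True, exist_ok=True)
                with tar.extractfile(member) as src, open(target, "wb") as dst:
                    shutil.copyfileobj(src, dst)
            # symlinks, hard links and device nodes are not restored on purpose


def verify_restore(dest_dir, manifest):
    """Compare the restored tree with the manifest; return a list of problems (empty = OK)."""
    restored = hash_tree(dest_dir)
    problems = [f"missing: {rel}" for rel in manifest if rel not in restored]
    problems += [f"corrupted: {rel}" for rel in manifest
                 if rel in restored and restored[rel] != manifest[rel]]
    problems += [f"unexpected: {rel}" for rel in restored if rel not in manifest]
    return problems


def run_recovery_test(tamper=False):
    """Full drill: back up, destroy the original, restore, verify.

    With tamper=True a restored file is modified before verification, to prove
    that the check actually notices corruption.
    """
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        src = tmp / "server"
        (src / "etc").mkdir(parents=True)
        (src / "var" / "db").mkdir(parents=True)
        # Constructed stand-ins for configuration data and database contents.
        (src / "etc" / "app.conf").write_text("listen=127.0.0.1:8443\n")
        (src / "var" / "db" / "customers.sqlite").write_bytes(b"SQLite format 3\x00" + bytes(4096))
        archive = tmp / "server.tar.gz"
        manifest = make_backup(src, archive)
        shutil.rmtree(src)                        # simulate total loss of the server
        restored = tmp / "restore"
        restore(archive, restored)
        if tamper:
            (restored / "etc" / "app.conf").write_text("listen=0.0.0.0:8443\n")
        return verify_restore(restored, manifest)


if __name__ == "__main__":
    print("clean restore:", run_recovery_test() or "OK")
    print("tampered restore:", run_recovery_test(tamper=True))
```

The manifest is the part that makes the drill meaningful: it is written at backup time and kept separately, so a restore that silently produces wrong bytes (a truncated archive, a corrupted disk, a tampered copy) shows up as a named file rather than as "the restore finished without errors". The same pattern scales to a real server by pointing `make_backup` at the configuration and database directories and scheduling `restore` plus `verify_restore` on a dedicated test host.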
Conclusion: Security starts with clear standards
Servers and cloud systems form the backbone of every modern IT infrastructure. Decision-makers are responsible for defining binding security standards for these environments and ensuring that they are implemented. Technical protective measures, documented processes and regular tests form the basis - both for defense against cyber attacks and for insurance cover in the event of an emergency.
A professionally secured IT infrastructure not only protects the company, but also ensures that it can react quickly in the event of an attack or failure.