Manage risks posed by Windows file servers

Overview

Windows file servers pose a number of risks, and the severity of those risks varies based on the strength of safeguards applied. On average, the risk imposed by a file server is moderate unless significant resources are applied. Where resources are scarce, file servers often pose greater risk.

Safeguards for file servers

Key safeguards for file servers include:

  • Backups: Backups allow recovery from ransomware, disasters, and user error. Backups must be routinely tested, preferably on a separate, clean system, to ensure they'll work when needed.
  • Two-factor authentication: At IU, most systems use Two-Step Login (Duo) to protect against credential theft; however, it isn't practical to use Duo with Windows file servers. Hence, file servers are a prime target for attackers possessing IU credentials.
  • Network isolation: Allowing direct internet access to file servers is usually an unnecessary risk. Keep file servers on private IP addresses (requiring VPN access for those outside university networks) to avoid external attack.
  • Vulnerability scans: Even when network isolation is used properly, file servers are still exposed to systems inside university networks that may have been compromised. Vulnerability scans must be performed routinely (every 30 days), which file server administrators can accomplish by ensuring the UISO scan engines are able to reach the server. Most importantly, file server administrators must review the scan reports and take action when they report a vulnerability.
  • Logging: Security of Information Technology Resources (IT-12) requires all IT systems, including file servers, to log successful and failed authentications, failed file accesses, and successful accesses to files containing data classified as Critical or Restricted data. Logs should be kept on the local system and forwarded to a remote logging service such as Log-Alert.
  • Encryption: Encrypting files at rest guards against physical theft of the server or its storage media and can be accomplished with whole-disk encryption tools like BitLocker. Encryption in transit protects data from network eavesdropping but, for Windows file servers, is only possible with more recent protocol versions, which may not be compatible with older clients.
  • Resiliency: Although Windows file servers can be deployed in multi-node clusters, few departments have this capability. Such servers are therefore often weak links in an organization's disaster recovery plan.
  • Access control: Where possible, administrators should review and ensure file ownerships and permissions are set appropriately. Users of the service should perform similar reviews of files they own.

The fewer of these safeguards that are in place, and the less rigorously they are implemented, the greater the risk.
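
The following read-only PowerShell check is an added example, not part of the original document or an IU-provided tool. It reports how a server stands against the Logging and Encryption safeguards above. It assumes an elevated session on the file server, English (en-US) audit subcategory names, and that the BitLocker cmdlets are installed; the pass criteria are this example's reading of the safeguards.

```powershell
# Added example (read-only): run in an elevated PowerShell session on the file server.
$report = @()

# Logging: audit subcategories behind authentication and file-access events.
# Assumption: en-US subcategory names. File auditing also needs SACLs on the folders.
foreach ($sub in 'Logon', 'File System') {
    # /r emits CSV; the effective setting is in the "Inclusion Setting" column.
    $row = auditpol /get /subcategory:"$sub" /r | Where-Object { $_ } | ConvertFrom-Csv
    $report += [pscustomobject]@{
        Safeguard = 'Logging'
        Check     = "Audit policy: $sub"
        Value     = $row.'Inclusion Setting'
        Pass      = ($row.'Inclusion Setting' -eq 'Success and Failure')
    }
}

# Encryption in transit: SMB encryption needs SMB 3.x, so SMB1 should be off.
$smb = Get-SmbServerConfiguration
$plainShares = @(Get-SmbShare -Special $false | Where-Object { -not $_.EncryptData })
$report += [pscustomobject]@{
    Safeguard = 'Encryption in transit'; Check = 'SMB1 disabled'
    Value = "EnableSMB1Protocol=$($smb.EnableSMB1Protocol)"
    Pass  = (-not $smb.EnableSMB1Protocol)
}
$report += [pscustomobject]@{
    Safeguard = 'Encryption in transit'; Check = 'SMB encryption server-wide or on every share'
    Value = "server=$($smb.EncryptData); unencrypted shares: $($plainShares.Name -join ', ')"
    Pass  = ($smb.EncryptData -or ($plainShares.Count -eq 0))
}
# When this is False, clients that cannot encrypt (older ones) still connect in cleartext.
$report += [pscustomobject]@{
    Safeguard = 'Encryption in transit'; Check = 'Unencrypted clients rejected'
    Value = "RejectUnencryptedAccess=$($smb.RejectUnencryptedAccess)"
    Pass  = [bool]$smb.RejectUnencryptedAccess
}

# Encryption at rest: BitLocker protection state per volume (skipped if cmdlets are absent).
if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    foreach ($vol in Get-BitLockerVolume) {
        $report += [pscustomobject]@{
            Safeguard = 'Encryption at rest'; Check = "BitLocker on $($vol.MountPoint)"
            Value = "$($vol.VolumeStatus), protection $($vol.ProtectionStatus)"
            Pass  = ("$($vol.ProtectionStatus)" -eq 'On')
        }
    }
}

$report | Format-Table -AutoSize -Wrap
```

A failed "Unencrypted clients rejected" row is the compatibility trade-off described in the Encryption item: leaving it off keeps older clients working at the cost of cleartext sessions.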

This is document baod in the Knowledge Base.
Last modified on 2024-02-09 14:00:05.