Despite basic common sense about IDs, it is common practice to leave Domino server IDs without a password. Experts and even IBM have warned against this widespread practice, but with what is at stake on your server, does it make sense to leave it vulnerable?
Without a password on your server ID, you leave your system open to anyone with enough knowledge (or Google search skills) to access any of your databases on that server, likely including the ID vault database.
What are the top 10 reasons people do not protect their server ID?
The answer is, it is a trick question. There really is only one main reason cited over and over - it speeds up the reboot process, enabling unattended restarts.
If password protected, then a reboot requires the password be entered, causing delays in restarting the server. If an administrator who knows the password is on hand, it may only be a short delay, but they are not always available, especially during unattended restarts for normal maintenance or emergency restarts following a crash.
The problem is that what makes the reboot easier for you also makes unauthorized access easier for hackers, and even exposes you to problems from unintended or accidental errors caused by users who may not have a full grasp of administrative commands. For example, the server ID can be used to exploit the contents of the ID vault or Domino directory on a server, which could lead to far-reaching unauthorized or accidental access.
Problems of scale
In large organizations with hundreds of Domino servers and just a handful of Administrators, entering a password during each restart can become a logistical impossibility. But it’s also that math that drives the security risk.
Without a means to closely monitor the activity on each server, the opportunity for nefarious access exploiting an unprotected server ID increases. While there is a fair amount of security that can be configured within a Domino server, such as ACLs that help control access, if someone has access to an unprotected server ID, any ACLs that have not been configured correctly can be bypassed.
If automation is the goal, do it right
It’s a logical conclusion that the main reason for not protecting the server ID is to help with unattended or automated restarts. But you should know there are alternatives available that support both automated restarts and a protected server ID, in addition to other improvements in overall security posture and compliance reporting.
Obviously, the information stored on your Domino servers is important to your business or you would simply get rid of it. Availability of your Domino servers is also important or you would not worry about delays for entering a password during a restart. If access to your information stored in the Domino servers is important enough to allow the risk associated with not protecting the server ID, it’s important enough to actually protect. Keep the benefits of unattended restarts, but add the security improvements of password protecting your server ID by using a robust automation tool.
Not sure what tool is right for you? Check out DominoProtect.