Building on a previous article about the top 5 security concerns in IBM Domino Server, we will take a look at the corresponding top 5 actions you can take to boost your IBM Domino Server security. While you no doubt hire trustworthy Domino administrators, insider attacks are a real problem. Use of a two-man rule on changes to ACL’s, configurations and other Domino control components is a great way to improve security and confidence..
- Protecting the server ID
- Protecting the IDvault ACL
- Protecting against misuse of Full Access Administrator rights
- Protecting against unauthorized changes
- Protecting corporate integrity in recovery and audit events
Protecting the server ID
Establish procedure and policy changes requiring at a minimum any production server to have a password assigned to the server ID. However, a password that is known by multiple administrators begins to lose it’s value rapidly, especially if it is not changed on a frequent basis. These factors need to be taken into consideration in choosing how to manage and control the password.
Protecting the ID Vault
In addition to access control on the ID Vault, restrictions on who can change the Auditor and Admin Client privileges need to be incorporated to prevent the ID Vault being accesed and ID files from being downloaded. Once off the system, there is no further control against what can be done with and to the ID files!
Protecting against misuse of Full Access Administrator rights
One of the best protections against misuse of these rights is to simply disable Full Access Administrator. While this will present a significant change if you have operated with this fully open and available, it is a change that is necessary if you are taking security seriously.
Protecting against unauthorized changes
Implement a two-man rule change control workflow process that requires approval by another user for configuration or ACL changes. This will prevent a single actor from making unauthorized changes to bypass security. But the process needs to include technical controls to prevent changes without following the process - a policy alone is not sufficient.
Protecting corporate integrity in recovery and audit events
Establish a control mechanism whereby you can roll back changes, as contrasted with having to perform a server recovery to the last known good configuration if you experience problems. This of course requires a more robust audit and event-tracking log than is provided by Domino itself, but it would also be useful in audit and forensic investigation events.
While some of these steps can be achieved with use of native Domino controls, it will require a significant labor commitment along with strict diligence establishing and enforcing manual procedures around changes, with each change being documented and servers inspected frequently to confirm no unauthorized changes have been made. Alternatively, a third party application like BCC’s Domino Protect can be utilized to deal with all these issues.
We have only briefly touched on each of these topics, but a more detailed discussion is available in a recorded webinar produced by BCC and publicly available at https://www.youtube.com/watch?v=VzuoSRrXnpA&feature=youtu.be.
Need help with your Notes environment?