Featured image: Top 5 Security Concerns in IBM Domino Servers

In IT these days, server security has taken on a whole new level of importance in light of all the data breaches and denial of service attacks. It seems every day there is a new vulnerability uncovered in widely used software, or another company – or even entire industries – that are targeted for attack. Yet too often the email servers are either overlooked or their importance downplayed. This is a mistake, and if it is one you have made, we will take a look at the top 5 actions you can take to boost the security of your IBM Domino Servers.

  1. Protecting the server ID
  2. Protecting the vault ID
  3. Protecting against misuse of Full Access Administrator rights
  4. Protecting against unauthorized changes
  5. Protecting corporate integrity in recovery and audit events
We will briefly touch on each of these topics, but more detail is available in a recorded webinar produced by BCC and publicly available at https://www.youtube.com/watch?v=VzuoSRrXnpA&feature=youtu.be
 
 

Protecting the server ID

While it seems obvious that the server ID should be password protected, the number one reason it is not is that unattended server restarts are normally impossible if you password protect the server ID file. However, the ID is the secure identity that provides access to everything the server wants to do and it should be considered vital to protect it, even if it is less convenient.

 

Protecting the ID Vault

IBMs recommended way of protecting the ID Vault is to add notes.ini parameters to turn off the ability to download id files from the vault. This is cumbersome and difficult to change if you ever need to allow a valid administrator to download an ID file in a required situation. A much better way of securing this would be to protect the ACL from changes so that the role of Auditor can't be given and thus allow downloading of ID files.

 

Protecting against misuse of Full Access Administrator rights

This is often left blank for one of two reasons – ignorance of the capability it provides, or for ease of use considerations. Similar to protecting the server ID, Full Access Administrator privileges should be tightly controlled since it can be used to bypass many of Dominos restrictions and security controls.

 

Protecting against unauthorized changes

The audit logging provided by Domino is somewhat basic. It could be a challenge to obtain sufficient forensic details to determine all the necessary information about source and attack vector if you have a security incident. Preventing such changes from occurring is the best idea.

 

Protecting corporate integrity in recovery and audit events

You should consider a means to protect your environment by being able to roll back changes, but of course you need a robust audit trail to know what changes were made. But not only for restoring your environment short of going back to the last backup, detailed logging would be invaluable in audits as well.

In short, there are a couple things you can do right away – protecting the server ID and locking down Full Access Administrator rights. This will help. But to be able to protect against unauthorized changes and get roll back recovery, you may need the aid of an additional product to get the robust event and audit logging those require.

 

Interested in protecting your Domino server?

Learn more about DominoProtect

 

Back to all news
Open newsletter modal