I was asked by a Managed client to Manage and Protect a Cloud Windows Server (hosted on Hostwinds) that is being used for a web application that a developer created for them.
What I’ve done so far:
- Installed my RMM
- Installed SentinelOne Control
- Configured some GPOs for security
- Installed Duo MFA for RDP
- Changed 3389 RDP port to something else
- Planning to install a cloud backup for daily image backup.
Is there anything else that I as an MSP (and not a dev) need to do to protect this server?
Thanks for your time, I highly appreciate you all!
I assume it’s too late to get them to choose a better platform thank Windows to build the app on so:
Turn OFF RDP because moving the port is not really that helpful, use another means for remote access. I don’t really have any faith in Windows firewall or having any Windows system exposed without a separate firewall in front of it. I assume this will be running IIS so go through some hardening guides to make sure that it’s locked down.
Yes, they use IIS.
I think I’ll ask the Developer to look into AWS to see if they offer more managed security for those type of web apps, since it doesn’t look like he knows much about security.
Thank you Tom! I learn a lot from your videos, you’re amazing!