[dba-Tech] Server Hardening? Really?

Dan Waters df.waters at comcast.net
Tue Mar 5 11:19:52 CST 2013 

One of my customers is a subsidiary of a larger company.  That company has
contracted with Computer Services Company (CSC) to provide computer and
network services.  (CSC was recently fired by the US Air Force for not
fulfilling a contract to provide a large software system.)

 

At my customer, CSC is doing what they call 'server hardening'.  A
consequence of this is that remote desktop access is no longer allowed - so
I can no longer directly update or maintain the system I've built for them.
Even my customer's employees have lost their remote access to this server.
I have yet to figure out how to make this work.  BTW, the folks at my
customer have been infuriated by CSC's actions for a couple of years now and
they are angrier than I am.

 

So, I'd like to ask everyone if you believe that preventing remote desktop
access is appropriate for server hardening.  Or, what steps could be done to
provide equivalently secure remote access?

 

 

Thanks!

Dan Waters

More information about the dba-Tech mailing list