Harvard University Information Security | HARVARD.EDU

Server vulnerability

SC3: Server operators must take reasonable actions on a regular basis to ensure that their systems are not vulnerable to attack, whether the system is managed directly by Harvard or via contract with a third-party service provider for Harvard's use (e.g. IaaS, SaaS).

See also: Level 4, 8, Servers C, Level 4

How to Comply

Implement vulnerability testing

Server operators must take reasonable actions on a regular basis to ensure that their systems are not vulnerable to attack, whether the system is managed directly by Harvard or via contract with a third-party service provider for Harvard's use (e.g....

Minimize number of services running on Linux server

Minimize the number of services running on the server - Linux. Disable any unused or unnecessary services.

Minimize number of services running on Windows server

Minimize the number of services running on the server - Windows. Disable any unused or unnecessary services.

Information Security Policy

Harvard University

Server vulnerability

How to Comply

Implement vulnerability testing

Minimize number of services running on Linux server

Minimize number of services running on Windows server

a5521c6de467d1f1f57b952884f5e43e