Security is a compromise between usability and peace of mind. Some customers may prefer usability and only employ light security for a small gaming server, allowing quick access from any location. For peace of mind and greater security, others may lock the server down completely, refusing any access to the server and enabling Remote Desktop connections via the Serial Console only when needed.
Security measures may vary greatly depending on the use of the server. The security of the server can only be managed by the administrator of the machine (not by 1&1) and should be one of the first priorities when configuring a server. It is much easier and more beneficial to lock down the server almost completely before setup, and then alter the security settings as more services are installed and configured. This way, you can ensure the server is secure from the beginning and allow security exceptions only for the specific services, applications or ports that require network transmission.
Below are some common, suggested security measures that significantly increase the security of the server while preserving almost the same usability.
The Password Policy defines rules for Windows user passwords, while the Account Lockout Policy defines when an account is locked after multiple failed password attempts. Together they help ensure that all users choose strong passwords and/or choose new passwords after a specified length of time, and they protect against brute-force login attempts through Remote Desktop.
Click Start > Administrative Tools > Local Security Policy
Double-click Account Policies
Choose either the Password Policy or Account Lockout Policy to start configuring security settings. Please reference the following links for more information regarding these policy settings:
Creating a Strong Password Policy
Establishing an Account Lockout Policy
Since the Administrator user cannot be locked out by failed login attempts, it is suggested that the Administrator user be renamed.
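To confirm that the settings made in Local Security Policy are actually in effect, the following added example (not part of the original article or any 1&1 tooling) exports the local policy with secedit and checks the Password Policy, the Account Lockout Policy and the Administrator rename against a baseline. The function name and the baseline numbers are assumptions chosen for illustration; adjust them to your own policy.

```powershell
# Added example: audit the local Password / Account Lockout Policy.
# Run from an elevated PowerShell prompt on the server.
# Baseline ranges (min, max) are illustrative assumptions, not values from this article.
$baseline = @{
    MinimumPasswordLength = 12, 128   # characters
    PasswordComplexity    = 1, 1      # 1 = complexity requirements enabled
    MaximumPasswordAge    = 1, 90     # days; -1 (never expires) fails the check
    PasswordHistorySize   = 10, 24    # remembered passwords
    LockoutBadCount       = 1, 10     # failed attempts; 0 (never lock) fails the check
}

# Hypothetical helper: parses the [System Access] section of a secedit export
# and returns one result object per checked setting.
function Test-AccountPolicy {
    param([string[]]$InfLines, [hashtable]$Baseline)
    $current = @{}
    $section = ''
    foreach ($line in $InfLines) {
        if ($line -match '^\[(.+)\]$') { $section = $Matches[1]; continue }
        if ($section -eq 'System Access' -and $line -match '^(\w+)\s*=\s*"?([^"]*)"?$') {
            $current[$Matches[1]] = $Matches[2].Trim()
        }
    }
    foreach ($name in $Baseline.Keys) {
        $range = $Baseline[$name]
        $value = if ($current.ContainsKey($name)) { [int]$current[$name] } else { $null }
        [pscustomobject]@{
            Setting  = $name
            Current  = $value
            Required = "$($range[0])..$($range[1])"
            Pass     = ($null -ne $value -and $value -ge $range[0] -and $value -le $range[1])
        }
    }
    # The built-in account cannot be locked out, so check that it was renamed.
    $admin = $current['NewAdministratorName']
    [pscustomobject]@{
        Setting  = 'NewAdministratorName'
        Current  = $admin
        Required = 'not "Administrator"'
        Pass     = [bool]($admin -and $admin -ne 'Administrator')
    }
}

$cfg = Join-Path $env:TEMP 'secpol-export.inf'
secedit /export /cfg $cfg /areas SECURITYPOLICY | Out-Null
try {
    Test-AccountPolicy (Get-Content $cfg) $baseline | Format-Table -AutoSize
} finally {
    Remove-Item $cfg -ErrorAction SilentlyContinue   # do not leave the export on disk
}
```

Any row with Pass = False points to a setting to revisit under Account Policies in Local Security Policy.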
Configure Windows Updates to "Check for updates but let me choose when to download and install them".
It is imperative to keep in mind that updates may affect the functionality of the server, its services and/or software. It is therefore highly recommended to back up the server before applying any hotfixes, patches, updates, etc.