|A secure and reliable server environment requires that the operating system be kept up to date and never compromised.
To ensure that every server is running exactly the code it is supposed to be, every server periodically verifies its filesystem
against a central, highly-secured distribution server. Any discrepency in the filesystem is reported to AO Industries
personnel for futher action.
This mechanism addresses two critical aspects of operating system security. First, it detects any trojan horses, root kits,
configuration changes, or malicious code that has been added to operating system files and directories. Second, it scans
all user directories for any file that could compromise security or anything else that might indicate the presence of malicious users.
This system also addresses operating system reliability. By making sure every file, library, executable, and configuration
file is correct the room for human error is greatly reduced, and the servers remain secure, consistent, and reliable.
Once per day, at a random time, each of our servers scans its entire file system. System files are verified against a highly-secured distribution server, and user files are scanned for anything indicative of a security problem.
Although engineered as a security tool, the distribution verification system also helps us keep machines
running smoothly by ensuring all the correct versions of software are installed. For example, if we upgrade
PostgreSQL on all servers and miss one, the distribution system will report the discrepancy and we resolve
|Copyright © 2000-2022 AO Industries, Inc.|