As a security best practice, review basic settings on your Infrastructure as a Service (IaaS) host machine to ensure that it conforms to security guidelines.

Secure miscellaneous accounts, applications, ports, and services on the Infrastructure as a Service (IaaS) host machine.

Verify Server User Account Settings

Verify that no unnecessary local and domain user accounts and settings exist. Restrict any user account that is not related to the application functions to those required for administration, maintenance, and troubleshooting. Restrict remote access from domain user accounts to the minimum required to maintain the server. Strictly control and audit these accounts.

Delete Unnecessary Applications

Delete all unnecessary applications from the host servers. Unnecessary applications increase the risk of exposure because of their unknown or unpatched vulnerabilities.

Disable Unnecessary Ports and Services

Review the host server's firewall for the list of open ports. Block all ports that are not required for the IaaS component or critical system operation. See Configuring Ports and Protocols. Audit the services running against your host server, and disable those that are not required.