Basic Windows Server 2016 Security Measures

Leave your reply


After creating a new Cloud Server with Windows 2016, there are several procedures we recommend you follow in order to increase the server's security. Learn the recommended "best practices" for a new Windows server, including changing the Administrator name, setting an Account Lockout Policy, and more.


  • A Cloud Server running Windows Server 2016.

1&1 Cloud Panel Tasks: Firewall Policy, Monitoring Policy, and Backup Manager

There are three basic security tasks which can be quickly and easily performed from the 1&1 Cloud Panel:

  • Create a Firewall policy to block unused ports.
  • Set up a monitoring policy to monitor the server's load and processes.
  • Install the Backup Manager to run backups of your server.

For step-by-step instructions on performing these three tasks, see the article Three 1&1 Cloud Panel Setup Tasks for New Accounts.

Stay Up-To-Date With Security Patches

One of the first and most important tasks to perform on a new Windows 2016 is to search for and install any necessary system updates. System updates are released often, and even a brand-new server will most likely have one or more updates ready to be installed. These updates can improve the performance of your server, patch security flaws, add extra functionality, and more.

For step-by-step instructions on how to update a Windows 2016 server, see our article Install Updates on a Cloud Server with Windows 2016.

Change the Administrator Name

As a basic first security measure, we recommend you change the name of the administrator account on a Cloud Server with Windows 2016. The administrator user is the default user for all Windows accounts, and thus is frequently the target of brute-force password attempts. Changing the user name is an easy way to provide a higher level of security for your new server.

For step-by-step instructions on changing the Administrator account name, see our article Change the Administrator Name on a Cloud Server with Windows 2016.

Set an Account Lockout Policy

The Account Lockout Policy is a powerful means of blocking brute force attacks which takes only a few clicks to set up. The Lockout Policy will lock out an account after a specified number of invalid login attempts.

For step-by-step instructions on setting up an Account Lockout Policy, see our article Windows Server Security Rule 1: Increase Authentication Security.