Forgive me if I'm wrong since I haven't come across servers with IIS yet, but what about spyware and adware on the servers? Some of them open up ports, but I don't recall one opening up 1027.