Some solutions have very simple requirements that allow for a more creative approach. For example, there was a basic informational website that held static content and did not require frequent changes.  With limited department resources, for server maintenance, the original cloud hosted VM server became an exploit target. My resolution was to bring the web server in house as a new VM and to heighten the security by various methods. I led the implementation of best practices for the open source web server, as well as set up an isolated VM server, and ran the server in snapshot mode with a script to reboot every night.  With this method, an efficient economical support schedule could be established and the attack surface exposure was limited.