- Didn't enable Windows automatic updates
- Didn't harden the system based on Microsoft's recommendations and others such as those at the Center for Internet Security website
- Didn't set up a password policy
- Did set up a ridiculously stringent password policy that's unreasonably difficult for users to work with
- Didn't set up NTFS file permissions properly, which allows anyone to access anything and create shares at will
Get more information on how to set up a Windows network with more of Kevin Beaver's Windows security advice.
This was first published in July 2007