Checklist: Three security mandates for any Windows environment

Now it's time to dig into the details. As I review the following three Security Options, you should come to understand why they are called "options." In other words, good security should not be optional, but the definition of "good security" will vary from computer to computer.

These Security Options should be mandatory in any environment. Surprisingly, they are all things most people can live with.

You may download a printer-friendly version. [TABLE]

Windows Security Checklists offer you step-by-step advice for planning, setting up and hardening your Windows security infrastructure.
E-mail the editor to suggest additional checklist topics.

Lock down Joe User's

To continue reading for free, register below or login

Requires Membership to View

To gain access to this and all member only content, please provide the following information (all fields required):

Email Address:
Create Password:
Confirm Password:

By joining SearchEnterpriseDesktop.com you agree to receive email updates from the TechTarget network of sites, including updates on new content, magazine or event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile or unsubscribing via email.

TechTarget cares about your privacy. Read our Privacy Policy

To read more you must become a member of SearchEnterpriseDesktop.com

As an existing member of the TechTarget network please provide your password to activate your account (Forgot your password?):

Password:

By joining SearchEnterpriseDesktop.com you agree to receive email updates from the TechTarget network of sites, including updates on new content, magazine or event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile or unsubscribing via email.

TechTarget cares about your privacy. Read our Privacy Policy

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Windows XP security issues, updates and alerts How Windows 7 stands up to security tests The state of enterprise security and emerging threats in 2009 A first look at Windows 7 security enhancements How to strike a balance between Windows security and business needs How to recognize and repair Blue Screen of Death stop error messages Ten ways to sell security to management Improve Windows security with our top 10 tips Strategies for troubleshooting Windows XP errors Managing single sign-on security burdens in Windows A Windows security checklist for IT managers

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary drive-by download  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

administrator rights

[TABLE]

Reader Feedback

Sean M. writes:
I enjoy your series of checklists for securing Windows systems. I think they are a great starting point for people learning about Windows security. If you don't mind, I'd like to make a suggestion for Item 2 in your Three security mandates for any Windows environment. While you are busy renaming the Guest account and ensuring it is disabled, why not take the time to give it a password as well?

I know some people may argue that this is simply too much, but I believe in providing layers of defense. If an attacker ever decided to re-enable the Guest account as a back door (who thinks to keep checking if it's still disabled?), then there would be the extra defense that the account has a password on it.

Another suggestion I would add concerning this account is to add it to the following policies:
- Deny access to the computer from the network
- Deny logon as a batch job
- Deny logon as a service
- Deny logon locally

One can never be too safe.

Rate this Tip To rate tips, you must be a member of SearchEnterpriseDesktop.com. Register now to start rating these tips. Log in if you are already a member. DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.