Home > Enterprise Desktop Tips > > Create a corporate security baseline for Windows Vista
Enterprise Desktop Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 


Create a corporate security baseline for Windows Vista


By Brien M. Posey, MCSE
06.28.2007
Rating: --- (out of 5)


Advice for securing Windows
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


When you initially deploy a workstation, you typically configure the workstation according to your corporate security policy. Inevitably, though, these requirements change over time and older workstations may not be configured to comply with your new requirements. The challenge then becomes identifying which workstations have deficient configurations and which parts of the workstation's configurations need to be revised.

Sadly, there isn't a Windows feature that can analyze every aspect of a workstation's security, but you can analyze the most relevant portions of a workstation's local security policy. To do so, you would simply use a properly configured workstation to create a security baseline. You can then compare that baseline against other computers on your network to see if they are properly configured.

Creating a security baseline for Windows Vista

Whether you want to analyze a workstation to test for incorrect security settings, or you want to correct security settings that are known to be wrong, the first step in the process is to create a security baseline. A security baseline is essentially a template that specifies how to set the various Group Policy settings.

There are two primary methods of creating a security baseline template in Windows Vista. The first method involves defining the template based on settings taken from a machine that is known to be configured correctly. To do so, log in as an administrator an


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


RELATED CONTENT
Windows Vista security issues, updates and alerts
Ten ways to sell security to management
Improve Windows security with our top 10 tips
Windows Vista management tutorial
Minasi says Vista SP1 solves problems, adds new ones
Does Vista's strong security make it better than XP?
Are Windows Vista's features silencing critics?
Managing single sign-on security burdens in Windows
Top 10 ways to improve Windows Vista security
A Windows security checklist for IT managers
Unauthenticated vs. authenticated security testing

Windows desktop security tips
Managing multiple passwords in Windows
Using System Center Essentials as a patch management tool
How Windows 7 stands up to security tests
Securing sensitive data on Windows-based laptops
Gathering and documenting your Windows desktop security policies
Windows desktop security standards documentation best practices
Desktop security preparation for a new wave of Windows apps
Four Internet Explorer 8 group policy security settings
The state of enterprise security and emerging threats in 2009
Why should Windows shops use Microsoft Baseline Security Analyzer?

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
drive-by download  (SearchEnterpriseDesktop.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


d follow these steps:

Figure A [IMAGE]
Navigate through the console tree to Local Computer Policy | Computer Configuration | Windows Settings | Security Settings

An alternate method

If you don't want to create a baseline based on an existing configuration, then there is another option. Windows Vista allows you to create a security baseline template from scratch. To do so, follow these steps:

Figure B [IMAGE]The new template appears beneath the security template folder.

Figure C [IMAGE]You can populate the new template in the same way that you would populate a Group Policy.

Now that I have shown you how to create a security baseline template, it's time to put the baseline template to use. In my next tip on creating a security baseline, I will show you how to use the template that you have created to analyze Windows Vista workstations on your network and how to use the template to adjust and amend security problems that you may encounter.

About the author: Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies.


Rate this Tip
To rate tips, you must be a member of SearchEnterpriseDesktop.com.
Register now to start rating these tips. Log in if you are already a member.




DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Enterprise Desktop Security - Virus Protection, Malware Protection, Intrusion Detection
HomeTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogs
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2008 - 2009, TechTarget | Read our Privacy Policy
  TechTarget - The IT Media ROI Experts