The following excerpt series from Chapter 2 of the free eBook "The Definitive Guide to Securing Windows in the Enterprise" (Realtimepublishers) is written by Don Jones. To obtain all eBook chapters from this guide, go to cc.realtimepublishers.com.

Chapter 2: Securing Clients

Client computers are often neglected when it comes to security. Everyone tends to focus on servers, and, let's face it, servers are definitely easier to secure. In addition, servers exist in data centers or other protected locations and are tended to by trained administrators. Client computers, in contrast, sit on the desks and in the carrying bags of mere users, and are subjected to every imaginable stress: physical security threats, spyware, viruses, airports, hotels, and so on.

The reality is that client computers can hold just as much critical information as servers. On their client computers, users store local copies of files (the only copy of those files, in some cases), use Windows' Offline Files features to retain copies of server-based data, and so forth. The amount of corporate information stored in users' mailboxes, for example, is staggering -- as much as 70 percent, according to a recent survey by VERITAS. Corporate confidential data is more likely to be compromised from a client computer than from a server, yet client computers typically have the least amount of security and the poorest, from a security viewpoint, configurations. This chapter will highlight some of the major security concerns affecting client computers, and give you ideas about how to address them.

Chapter 2 excerpts:

1. Local accounts and passwords
2. Service management
3. Local firewalls
4. NTFS permissions
5. Folder redirection
6. Removable storage
7. Local system permissions

Click here to return to the SearchWindowsSecurity.com Book Excerpts Library.