Checklists: Harden access control settings

In this collection of Roberta Bragg checklists, you'll get step-by-step advice on how to lock down Windows access control settings.

Whether you're protecting sensitive data from malicious outsiders or preventing internal users from accessing systems not assigned to them, you have your work cut out for you when it comes to access control. This collection of checklists written by Roberta Bragg will help you along your way. She details specific steps to take in locking down default Windows access control settings and offers access control best practices.

  • Three security mandates for any Windows environment
    Find out what you must do to lock down standalone computers, workgroup computers and Active Directory domains using Security Options

  • Block anonymous access
    You can change Windows account names to obscure them from attackers, but account SIDs can still be obtained using anonymous access. Foil intruders with this checklist.

  • Seven steps to properly set account lockout
    Is it riskier to set account lockout or not? Weigh the pros and cons of using account lockout at all, and then get seven steps for making these settings work to your advantage in this checklist by Roberta Bragg.

  • Restrict access to prevent insider hacks
    Internal security threats often prove to be more malicious than all the people on the Internet. Get help protecting Windows from fellow coworkers and employees in this checklist.

  • Set account options to limit systems access
    Granting access to Windows systems is a privilege -- not a right. Limit access wherever possible by hardening account options, starting with the settings in this checklist.

  • Tighten default settings to prevent unauthorized access
    One of the simplest ways to avoid common attacks is to modify Windows system default settings for network connections. Site expert Roberta Bragg identifies four important settings to disable right away.

    About the author: Roberta Bragg is author of "Hardening Windows systems." She is an MCSE, CISSP and Microsoft MVP, and a well-known information systems security consultant, columnist and speaker.

    More information from

  • Learning Guide: Access control
  • Ask the Experts Archives: Tips for controlling access to the server
  • Checklists: Click for the complete collection of Roberta Bragg's Windows Security Checklists

  • Dig Deeper on Windows 10 security and management

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.