Tip

Harden Windows access control settings

This tip originally appeared on SearchWindowsSecurity.com, a sister site of SearchCIO-Midmarket.com.

Whether you're protecting sensitive data from malicious outsiders or preventing internal users from accessing

    Requires Free Membership to View

    Login

systems not assigned to them, you have your work cut out for you when it comes to access control. This collection of checklists written by Roberta Bragg will help you along your way. She details specific steps to take in locking down default Windows access control settings and offers access control best practices.

 Three security mandates for any Windows environment
Find out what you must do to lock down standalone computers, workgroup computers and Active Directory domains using Security Options.

 Block anonymous access
You can change Windows account names to obscure them from attackers, but account SIDs can still be obtained using anonymous access. Foil intruders with this checklist.

 Seven steps to properly set account lockout
Is it riskier to set account lockout or not? Weigh the pros and cons of using account lockout at all, and then get seven steps for making these settings work to your advantage in this checklist by Roberta Bragg.

 Restrict access to prevent insider hacks
Internal security threats often prove to be more malicious than all the people on the Internet. Get help protecting Windows from fellow coworkers and employees in this checklist.

 Set account options to limit systems access
Granting access to Windows systems is a privilege -- not a right. Limit access wherever possible by hardening account options, starting with the settings in this checklist.

 Tighten default settings to prevent unauthorized access
One of the simplest ways to avoid common attacks is to modify Windows system default settings for network connections. Site expert Roberta Bragg identifies four important settings to disable right away.

Roberta Bragg is author of Hardening Windows Systems. She is an MCSE, CISSP and Microsoft MVP, and a well-known information systems security consultant, columnist and speaker. Let us know what you think about this tip; email editor@searchcio-midmarket.com.


This was first published in July 2005

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

    Back to top