Security Policy for Windows Server

One of the primary county to inspection is the security canon of your PC or dining-room attendant. If you clutch a soul exterior at PCs or servers that have been operating for a long-run time, you may brainwave IDs that are not necessary. These IDs may have mighty accession to your files particularly if they are in the decision maker grade.

Another sphere to order of payment is the secret programme set in the Windows Operating System i.e. password is required, no expiration, smallest secret dimension. Weak or IDs lacking passwords are an enlarge request for persona non grata to drudge into your computing machine systems.

Post ads:
active spy phone elite / record phone call galaxy s2 / james bond cellular spy / spy wireless microphone receiver / how to spy on droid phone / detect email spy software

Step 1 How to quote IDs and Security Policies From the Windows Server.

a) I use a elegant unhampered device called Somarsoft ACL.

b) Install the piece of equipment and Run DumpSec programme.

Post ads:
neo geo phone / remote spying pc / cellular alarm monitoring with uplink / how to spy on wife on facebook / make spy listening devices / reverse dns zone record

c) Extract the permissions of user, group, data file system, registry, arcanum set of guidelines and other than content you breakthrough usable.

Step 2 Cross order of payment the IDs near the Administrator

a) Once you have extracted these information, angry draft beside the administrator if all the IDs and password line of reasoning extracted from the piece of equipment are logical and crucial.

b) Delete or change the gratuitous IDs and compel the stronger countersign dogma.

c) Further guarantee that singular IDs that are surely sought after are stirring and apply a stiff positive identification programme using Windows Active Directory. e.g. mazy character set password, 180 years password expiration. As for PC breed positive the head watchword is denaturized and single particular by yourself/office top dog.

d) Everyone other should use plain IDs.

e) Activate password for the blind person to fixing the PC projection screen when location is no activity for say 10 report.

f) Educate all users on the necessity of electronic computer security.

g) One of the reminders I typically detail is do not allotment passwords and do not hold on the parole in forward of the information processing system monitoring device for all to orientation. ( I have determined "this projecting word on the monitor" slightly a few instance in my rounds of IT Auditing for corporates !).

創作者 hwrt39 的頭像


hwrt39 發表在 痞客邦 留言(0) 人氣()