Hiya everyone – harryb here!
I am the author of the SBS 2008 book just out – but more importantly for the 70-282 exam, I am the publisher of the Microsoft Small Business Specialist book. I like to hold virtual book readings and here is how I roll!
Security Guidelines
If you take a look at the first step in the To Do List (the “View Security and Best Practices” task), you will find it is made up of security best practices covering topics from protecting your server against external AND internal vulnerabilities to monitoring security issues.
Want a hint? Read the To Do List!
General guidelines for securing your SBS server include:
· Keeping your antivirus application up-to-date.
· Keep the AV signatures updated as frequently as possible, as the virus epidemic has gotten out of hand.
· Using a firewall (covered later in this chapter).
· Not downloading and running programs from untrustworthy sources.
· Malicious programs resemble trustworthy software and could initiate identity theft, data destruction, and DoS attacks. Software should only be obtained from legitimate sources.
· The principle of least privilege. A beautiful thing for administrators to use on end-users, but this should also apply to themselves. Use an account with limited permissions to handle nonadministrative tasks and use the “runas” command for administrative tasks.
· Enforce strong passwords.
· Use complexity rules and enforce a minimum of seven characters using special symbols and mixed case.
· Apply the latest software patches.
· Use SUS with GPOs (explained below).
· Use group accounts to manage users. This will be much easier than managing individual permissions.
Chapter 6 Securing Windows Small Business Server 2003
· Do regular backups.
· Use the Small Business Server Backup Configuration Wizard or use the Automated System Recovery (ASR) feature. Hang on to your hats until Chapter 8, when you’ll have the opportunity to read an expanded backup discussion that compares the SBS backup and ASR methods. We even throw in a few real-world war stories for giggles.
· Restrict physical access to the domain controller.
· This is a high-level risk. Secure your server and network hardware; you never know when an employee will get disgruntled.
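One way to check the strong-password guideline above against a server's actual settings, as an added example that is not from the book: this Python sketch audits the [System Access] section of a security policy export produced with `secedit /export /cfg policy.inf /areas SECURITYPOLICY`. The sample export text is constructed for illustration, and the function name is hypothetical.

```python
import configparser

# Constructed sample of a secedit security policy export (.inf);
# the values are illustrative, not taken from a real server.
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = 42
MinimumPasswordLength = 4
PasswordComplexity = 0
PasswordHistorySize = 24
[Version]
signature="$CHICAGO$"
Revision=1
"""

MIN_LENGTH = 7  # minimum length from the guideline above


def audit_password_policy(inf_text):
    """Return a list of findings; an empty list means the guideline is met."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.optionxform = str  # keep the INF key casing as exported
    parser.read_string(inf_text)
    if not parser.has_section("System Access"):
        return ["no [System Access] section: password policy was not exported"]
    access = parser["System Access"]
    findings = []
    for key, ok, want in (
        ("MinimumPasswordLength", lambda v: v >= MIN_LENGTH, f">= {MIN_LENGTH}"),
        ("PasswordComplexity", lambda v: v == 1, "1 (enabled)"),
    ):
        raw = access.get(key)
        if raw is None or not raw.strip().lstrip("-").isdigit():
            findings.append(f"{key} missing or not numeric (want {want})")
        elif not ok(int(raw)):
            findings.append(f"{key} = {int(raw)} (want {want})")
    return findings


if __name__ == "__main__":
    results = audit_password_policy(SAMPLE_INF)
    for line in results or ["password policy meets the guideline"]:
        print(line)
```

A real export is usually saved as UTF-16, so read it with `open(path, encoding="utf-16")` before passing the text to the function.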
For more security information, check out http://www.microsoft.com/mscorp/twc/default.mspx.
cheers….harrybbbb
Harry Brelsford, CEO at SMB Nation
MBA, MCSE, CNE, CLSE, CNP, MCP, MCT, SBSC (Microsoft Small Business Specialist)
PS – my Small Business Server 2008 (SBS 2008) book is now here! :)