Security Watch: Passwords and Credit Cards, Part 1
Jesper M. Johansson - July 2008
The first installment in a three part series looking at how common security-related advice and common practices are outdated and actually hinder security efforts.
Security Watch: Principles of Quantum Security
Jesper M. Johansson - May 2008
Find out how the Heisenberg Uncertainty Principle and other elements of quantum physics can shed light on evolving security strategies. (Note: No cats were harmed in the writing of this article.)
Security Watch: Where Is My PII?
Frank Simorjay - April 2008
Before you can effectively protect your Personally Identifiable Information, you must know where it’s stored on your PC. Here's a look at how to write scripts that will locate personal data stored on your computer. You just might be surprised at what these scripts uncover.
Security Watch: Using SCW on Windows Server 2008
Jesper M. Johansson - March 2008
You've heard about the new Server Manager tool in Windows Server 2008. But the Security Configuration Wizard (SCW) is still available, as well. Find out why you will still want to use SCW.
Security Watch: Island Hopping: Mitigating Undesirable Dependencies
Jesper M. Johansson - February 2008
Unwanted security dependencies can expose your entire network to attacks. Find out how security dependencies work so you can analyze dependencies in your environment and resolve potential problems.
Security Watch: Island Hopping: The Infectious Allure of Vendor Swag
Jesper M. Johansson - January 2008
Security threats don't just come from e-mail and malicious Web sites. See how a USB thumb drive and some simple social engineering can be used to gain access to your entire network. And find out what you can do to keep your network more secure against this threat.
Security Watch: Windows Domain Password Policies
Derek Melber - December 2007
Until now, Windows has allowed only a single password policy per domain. Windows Server 2008, however, lets administrators implement multiple password policies, tailoring different policies for various types of users.
Security Watch: Secure Access Anywhere
John Morello - November 2007
Explore network and security design considerations for an anywhere-access solution using Terminal Service components, and learn some practical methods and best practices for creating a solution with Windows Server 2008.
Security Watch: BitLocker and the Complexities of Trust
Justin Troutman - October 2007
Some people have been skeptical of the cryptographic functionality built into Windows Vista. Here's a look at the design philosophies that went into BitLocker and why it should be taken seriously.
Security Watch: The Long-Term Impact of User Account Control
Jesper M. Johansson - September 2007
For as much coverage as it gets, there are still a lot of questions and misconceptions about User Account Control. Here’s a frank discussion about what UAC is, what it is not, and how it should affect the way you manage systems.
Security Watch: PKI Enhancements in Windows
John Morello - August 2007
In Windows Vista and Windows Server 2008, the Windows PKI platform offers support for advanced algorithms, real time validity checking, and better manageability. Check out the new PKI features and see how they can be used to lower costs while improving security.
Security Watch: Tools for Managing ACLs
Jesper M. Johansson - July 2007
Managing ACLs can be one of the more complicated aspects of protecting the security of your users' systems. Here are some useful utilities to help automate and simplify these tasks.
Security Watch: Network Access Protection
John Morello - May 2007
Rogue devices being used behind the network perimeter pose a serious security risk. Microsoft Network Access Protection provides a flexible architecture for organizations of all sizes to protect themselves from non-compliant computers brought on to the network by employees, vendors, and visitors.
Security Watch: The Security Configuration Wizard
John Morello - April 2007
The Security Configuration Wizard provides an efficient way to secure thousands of servers spread across numerous geographic locations. Here's everything you need to know to start hardening your servers and reducing their attack surface based on the roles they perform.
Security Watch: Deploying EFS: Part 2
John Morello - March 2007
Last month, we looked at the back-end portion of an EFS deployment, discussing the elements that a system administrator will deal with. In this issue, we focus on EFS from the end-users' perspective, exploring enhancements to Windows Explorer and the task of choosing file system locations to be encrypted.
Security Watch: Deploying EFS: Part 1
John Morello - February 2007
Security Watch: Services Hardening in Windows Vista
Wole Moses - January 2007
Security Watch: Deploy a Globally Trusted PKI
John Morello - December 2006
Imagine running your own PKI that combines the benefits of an internal PKI and the key advantages of a globally trusted root. Louisiana State University (LSU) has just such a solution. Take a close look at the technical design of LSU’s implementation and find out best practices for deploying a similar system in your organization.
Security Watch: I Just Got a Security Bulletin. Now What?
Christopher Budd - November 2006
The Microsoft monthly security bulletin has helped foster more mature processes for deploying security updates. Since you know security bulletins are released on a predictable day, you can build your own regular processes for handling them.
Security Watch: Lock Up Your Domain Controllers
Steve Riley - September 2006
Security Watch: The Most Misunderstood Windows Security Setting of All Time
Jesper Johansson - August 2006
Security Watch: Help Wanted—Need "People" People
Jesper Johansson - July 2006
I’m not really a people person. I’ve said so for years. My old college roommate, Joe, had a better way to put it, but the way he said it is unfortunately not suitable for print. Frankly, not being a people person is a good part of the reason I went into IT in the first place.
Security Watch: Establish a Remote Access Quarantine
Steve Riley - March • April 2006
In those good old easy-to-manage pre-mobility days, personal computers presented few actual threats to a network. Sure, there was the occasional virus you’d get from a borrowed floppy disk, but the rate, or at least the speed, of infection was pretty low—limited substantially by the low bandwidth and high latency of "sneakernet" technology.
Security Watch: Why You Should Disable the Administrator Account
Jesper Johansson - January • February 2006
I’ve fielded a lot of questions recently about how to manage the built-in administrator account. I am referring specifically to BUILTIN\Administrator, also known as NT AUTHORITY\Administrator, the account with relative identifier (RID) 500.
Security Watch: A guide to Wireless Security
Kathryn Tewson and Steve Riley - November • December 2005
Setting up a wireless network is incredibly easy. There’s no cable to pull, no holes to drill; just plug in your wireless access point (AP), let your wireless connection manager auto-associate, and you’re online.
Security Watch: Isolate Servers With IPsec
Joseph Davies - Spring 2005
We live in an age of always-connected communication and are able to send e-mail messages or gain access to files, databases, and Web pages at any time, through a proliferation of networking technologies.
Security Watch: Six Free Microsoft Security Resources
Kai Axford - Winter 2005
Microsoft Baseline Security Analyzer, Port Reporter, plus information on Windows XP SP2, Software Update Services, Microsoft security events, and more