Planning for Security just got a whole lot easier
Got this via an email to my district here at Microsoft, so I hope the source of the email doesn’t mind me sharing the public bits with all of you, because this is great stuff!
---
The Microsoft Solutions for Security (MSS) team is proud to announce the release to Web of five new security planning guides:
- The Administrator Accounts Security Planning Guide
- The Secure Access Using Smart Cards Planning Guide
- The Security Monitoring and Attack Detection Planning Guide
- The Services and Service Accounts Security Planning Guide
- Implementing Quarantine Services with Microsoft Virtual Private Network Planning Guide
The Administrator Accounts Security Planning Guide
This guide is designed to be an indispensable resource when organizations plan their strategy to secure administrator-level accounts in Microsoft Windows NT–based operating systems such as Windows Server 2003 and Windows XP. It addresses the problem of intruders who acquire administrator account credentials and then use them to compromise the network. The main goal of this guide is to provide prescriptive guidance in terms of the steps an organization can take to secure local and domain-based administrator-level accounts and groups.
The Secure Access Using Smart Cards Planning Guide
This guide is designed to help IT security professionals understand how to plan and implement secure access using smart cards for administrator accounts and remote access user accounts. It enables the reader to understand how to secure access using smart cards and examines the issues and challenges.
The Security Monitoring and Attack Detection Planning Guide
This guide is designed to help IT security professionals understand how to use the security event logs in Microsoft Windows as the basis for monitoring security and detecting attacks on a network. The guide helps the reader to identify relevant security events and interpret sequences of events that might indicate that an attack is in progress.
The Services and Service Accounts Security Planning Guide
This guide is designed to be an important resource when organizations plan their strategy to run services more securely under the Microsoft® Windows Server 2003™ and Windows® XP operating systems. The guide addresses the common problem of Windows services that are set to run with the highest possible privileges, which an attacker could compromise to gain full and unrestricted access to the computer, domain, or even to the entire forest. It describes ways to identify services that can run with lesser privileges and explains how to downgrade those privileges methodically. This guide can help organizations assess their existing services infrastructure and make some important planning decisions in relation to future service deployments.
Implementing Quarantine Services with Microsoft Virtual Private Network Planning Guide
This guideis designed to help IT security professionals understand how to plan and implement Virtual Private Network (VPN) Quarantine services featured in Windows Server 2003 Service Pack 1. The guide enables the reader to understand the approaches to VPN quarantine and examines the issues faced.
Where to Find the Guides
These guides were developed, reviewed, and approved by teams of authoritative experts in security management. They are available on Technet and the Microsoft Download Center. In addition, the guides are available on the TechNet Security Center at https://www.microsoft.com/technet/security.
---
I hope you find these useful!
What other guides or security guidance would you like to see Microsoft provide?