Regulatory Compliance Planning Guide

My team has now released the Regulatory Compliance Planning Guide. The guide is designed to help IT professionals and others interested in regulatory compliance in a number of ways. • Introduces a more efficient way to address regulatory requirements in your organization. • Outlines the leading thinking in regard to specific IT control requirements related…


Securing Windows 2000 Server Updated 5.31.06

In line with my team’s efforts to make sure the prescriptive guidance we provide is authoritative and up to date, we’ve updated the Securing Windows 2000 Server solution.  It includes information about risk assessment and analysis, securing specific critical Windows 2000 Server roles, and operating a secure environment after the initial lockdown phases have completed. Thanks! Tony….


TechNet link to all MSSC guides

We created a TechNet link so y’all can see an up-front view of our solutions – we’ll update this section as new work gets released. 


Some updates to MSSC guides March-April 2006

My team has made edits / updates to some of our guides: Security Risk Management Guide v1.2 March 16, 2006 The Microsoft Windows NT 4.0 and Windows 98 Threat Mitigation Guide v1.1 March 30, 2006. Windows XP Security Guide v2.2 April 10, 2006. Windows Sever 2003 Security Guide v2.1 April 26, 2006.  


Governance, Compliance and Policies Blog

Bill, one of our colleagues at MS has this blog that has some useful discussions around Governance, Compliance and Policies Blog. TB.  


Jan 06: Least Privilege to User Accounts on Windows XP

The least-privileged user account  (LUA) approach ensures that users follow the principle of least privilege and always log on with limited user accounts. This strategy also aims to limit the use of administrative credentials to administrators, and then only for administrative tasks. Thought y’all might want to see this – fresh off the press today:…