TechNet Magazine RSS Feed:

Cloud Computing: Cloud operations and security

Vic (J.R.) Winkler — 3/1/2013 00:00:00 GMT

March 2013

Recognizing and aggregating patterns is a key to efficient and secure cloud operations.

Security Management: The Scary New Hacking Trend

Phil Lieberman — 3/1/2012 00:00:00 GMT

March 2012

You can mitigate the risks of falling prey to a disturbing new trend in hacking, but you have to be prepared.

Cloud Computing: Trust Management in Virtual Datacenters

Kai Hwang, Jack Dongarra, Geoffrey Fox — 12/21/2011 00:00:00 GMT

December 2011

Within the virtual architecture, there are some special considerations for securing your systems and establishing an organized datacenter.

Utility Spotlight: Secure Access, Secure Your Systems

Lance Whitney — 12/21/2011 00:00:00 GMT

December 2011

The free AccessChk utility can you help ensure your desktop systems are as secure as possible by cross-referencing access rights.

SharePoint Security: The Fundamentals of Securing SharePoint Deployments

Brien Posey — Thu, 01 Apr 2010 00:00:00 GMT

April 2010

Deploying SharePoint isn't the hard part -- deploying it properly and securely takes some careful planning and execution. One size does not fit all with SharePoint.

Microsoft Forefront: Using Microsoft Forefront TMG 2010 as a Secure Web Gateway

Mon, 01 Mar 2010 00:00:00 GMT

March 2010

A detailed look at how to use TMG 2010 to enable safe Internet access and to enhance the end-user experience.

Inside SharePoint: Using Kerberos for SharePoint Authentication

Pav Cherny — Wed, 06 Jan 2010 00:00:00 GMT

January 2010

Kerberos is one of the more popular authentication options in the enterprise. Read this article to see how to get the most out of Kerberos in a SharePoint environment.

Utility Spotlight: Microsoft Security Essentials

Lance Whitney — Wed, 06 Jan 2010 00:00:00 GMT

January 2010

Microsoft's newest security product provides a simple, straightforward security solution that could be ideal for small businesses and home office PCs.

Windows 7: Groovy Security in Windows 7

Steve Riley — Fri, 25 Sep 2009 00:00:00 GMT

October 2009

Security enhancements in Windows 7 mean the OS is not only more securable, it’s more usable as well. Learn how the new features make life easier and more secure for both admins and users.

Toolbox: New Products for IT Pros

Greg Steen — Fri, 25 Sep 2009 00:00:00 GMT

October 2009

Greg Steen discusses encrypting sensitive data with AxCrypt; connecting remotely to your PC with Kavoom! KVM; and discovering unknown file extensions with FILExt.com. He also looks at the book, "Malware Forensics: Investigating and Analyzing Malicious Code," from Syngress.

Inside SharePoint: Protect SharePoint Data

Pav Cherny — Fri, 25 Sep 2009 00:00:00 GMT

October 2009

Pav Cherny looks at the data-protection strategies and options available with SharePoint, focusing on the most issues and how to resolve them.

Geek of all Trades: AppLocker: IT’s First Security Panacea?

Greg Shields — Fri, 25 Sep 2009 00:00:00 GMT

October 2009

There’s still no one-stop solution for fully securing your IT systems, but AppLocker comes really, really close. This article offers insights about the technology’s features and functionality.

Inside SharePoint: Securing External SharePoint Communications

Pav Cherny — Tue, 18 Aug 2009 00:00:00 GMT

September 2009

Protecting SharePoint from the bad guys involves understanding your topology and layering solutions.

User Account Control: Inside Windows 7 User Account Control

Mark Russinovich — Fri, 05 Jun 2009 00:00:00 GMT

July 2009

User Account Control is a set of technologies that has one overall goal: to make it possible for users to run as standard users. In this article, Mark Russinovich explains how the default Windows 7 UAC mode makes a PA user’s experience smoother by reducing prompts, allows them to control what legitimate software can modify their system, and still enables more software to run without administrative rights and continues to shift the software ecosystem to write software that works with standard user rights.

Security Watch: Thoughts on Identity, Part 2

Jesper M. Johansson — Fri, 05 Jun 2009 00:00:00 GMT

July 2009

Security Watch: Thoughts on Identity, Part 2

Windows Confidential: Cached Credentials

Raymond Chen — Fri, 05 Jun 2009 00:00:00 GMT

July 2009

Depending on your point of view, cached credentials can be both a blessing and a curse. Raymond Chen explains how they work and how you can control them.

Security Watch: Thoughts on Identity, Part 1

Jesper M. Johansson — Thu, 30 Apr 2009 00:00:00 GMT

June 2009

In this first part of a two part series, security expert Jesper Johansson delves into the concept of identity - What defines an identity? Who gets to control the information, and how do we ensure it is properly secured?

Security: An Introduction to Security in Windows 7

Chris Corio — Thu, 02 Apr 2009 00:00:00 GMT

May 2009

Windows 7 includes many new features and enhancements to help improve security. Here’s an overview of everything you’ll find, from the new Biometric Framework and AppLocker to improvements for BitLocker and UAC.

Security: PKI Enhancements in Windows 7 and Windows Server 2008 R2

John Morello — Thu, 02 Apr 2009 00:00:00 GMT

May 2009

Windows 7 and Windows Server 2008 R2 introduce PKI enhancements that greatly improve the deployment and operational experience for users, enabling powerful new scenarios while decreasing operational costs. Learn about all the changes to PKI.

Security: Common SQL Server Security Issues and Solutions

Paul S. Randal — Thu, 02 Apr 2009 00:00:00 GMT

May 2009

Have you found yourself inadvertently in charge of a SQL Server database and don’t know all the best practices for making it secure? Paul Randal covers the top 10 security areas you should worry about, detailing common problems and their solutions.

Security: Protect Instant Messaging with Forefront Security

Molly Gilmore — Thu, 02 Apr 2009 00:00:00 GMT

May 2009

As IM becomes ever more popular, it is increasingly important that administrators have a way to keep it secure. Forefront Security for Office Communication Server provides effective protection against instant messaging-targeted malware or other prohibited content within an OCS 2007 environment.

Security: Protect E-Mail with Forefront Security

Neetu Rajpal — Thu, 02 Apr 2009 00:00:00 GMT

May 2009

Neetu Rajpal introduces the next generation of Forefront Security for Exchange, a premium anti-malware product that protects e-mail that flows through Exchange server environments.

Inside SharePoint: Integrate Information Rights Management into SharePoint

Pav Cherny — Thu, 02 Apr 2009 00:00:00 GMT

May 2009

Continuing last month’s discussion about SharePoint integration with AD RMS, this column show you how to establish an AD RMS pre-production development environment, compile the IRM protectors, and integrate the compiled components into WSS 3.0.

Geek of all Trades: Control Network Access Using DHCP Enforcement

Greg Shields — Thu, 02 Apr 2009 00:00:00 GMT

May 2009

NAP monitors the health of specified computers when they attempt to connect to a network and includes a number of mechanisms to enforce health requirements. This article gives readers an overview of these enforcement mechanisms and, as an example, takes a closer look at setting up DHCP enforcement

Desktop Files: Revisiting the Microsoft Desktop Optimization Pack

Wes Miller — Thu, 02 Apr 2009 00:00:00 GMT

May 2009

Wes Miller updates his 2007 article on the Microsoft Desktop Optimization Pack, a collection of valuable components that can can save your IT department a lot of time and effort. All of the components have been enhanced—and something new has been added.

Security Watch: The Challenge of Information Security Management, Part 1

Jesper M. Johansson — Thu, 05 Mar 2009 00:00:00 GMT

April 2009

The first in an ongoing series, Jesper Johansson discusses the broad and varied challenges faced in the field of Information Security Management and the keys to planning a sound InfoSec strategy.

Office Communications Server: Securing OCS with ISA Server

Alan Maddison — Thu, 05 Feb 2009 00:00:00 GMT

March 2009

To securely extend your OCS 2007 infrastructure to remote users and organizations, you need to deploy one or more Edge Servers and provide reverse proxy access to these servers. Here’s what you need to know to use and configure ISA Server 2006 as a reverse proxy for your OCS deployment.

Inside SharePoint: Updating Security Account Credentials

Pav Cherny — Thu, 05 Feb 2009 00:00:00 GMT

March 2009

The second of a two-part series, this installment discusses how automating password changes for SharePoint security accounts is complicated despite the fact that the SharePoint object model includes the necessary logic to carry out credential updates.

Desktop Files: Mitigating Circumstances

Wes Miller — Thu, 05 Feb 2009 00:00:00 GMT

March 2009

It’s not enough to simply wait for security problems to surface and then try to eliminate them. Wes Miller explains how real security involves proactively seeking out the root causes of vulnerabilities and fixing them.

Inside SharePoint: Maintaining Security Account Credentials

Pav Cherny — Wed, 07 Jan 2009 00:00:00 GMT

February 2009

In the first part of a two-part series on the standard procedures and tools for maintaining SharePoint security accounts, Pav Cherny explores the architectural details and the complicated process of accomplishing password changes.

Security Watch: Malware Inspection at the Perimeter

Yuri Diogenes, Mohit Saxena, and Jim Harrison — Wed, 07 Jan 2009 00:00:00 GMT

February 2009

Learn how to use the Malware Inspection feature of the Microsoft Forefront Threat Management Gateway to mitigate threats at your perimeter.

Inside SharePoint: SharePoint Security Accounts

Pav Cherny — Wed, 14 Jan 2009 14:58:07 GMT 00:00:00 GMT

January 2009

Take a close look at SharePoint Security Accounts to see how a weak configuration can give an attacker full control over all site collections and sites.

Security Watch: Subjects and Security Principals

Jesper M. Johansson — Wed, 14 Jan 2009 14:58:07 GMT 00:00:00 GMT

January 2009

Security principals underlie so much of Windows security that it is essential for any administrator to have at least a basic understanding of how the various types of Security principals work and how they are used. Here's what you need to know.

Interop: Managing the Root Password on Your Mac

Chris Stoneff — Wed, 19 Nov 2008 13:37:48 GMT 00:00:00 GMT

December 2008

How do you give your Mac users the rights they need on an as-needed basis and improve security at the same time? Surprisingly, by enabling the root account. Find out how.

Security Watch: Revisiting the 10 Immutable Laws of Security, Part 3

Jesper M. Johansson — Wed, 19 Nov 2008 13:37:48 GMT 00:00:00 GMT

December 2008

It's been about 8 years since "The 10 Immutable Laws of Security" were first published, and a lot has changed since then. In part three of this series, Jesper Johansson wraps up his analysis of the immutable laws to see if they still hold true after all this time.

Security Watch: Revisiting the 10 Immutable Laws of Security, Part 2

Jesper M. Johansson — Wed, 01 Oct 2008 00:00:00 GMT

November 2008

It's been about 8 years since "The 10 Immutable Laws of Security" were first published, and a lot has changed since then. In this installment, Jesper Johansson continues his analysis of the the immutable laws to see if they still hold true after 8 years.

Security Watch: Revisiting the 10 Immutable Laws of Security, Part 1

Jesper M. Johansson — Wed, 03 Sep 2008 00:00:00 GMT

October 2008

It's been about 8 years since "The 10 Immutable Laws of Security" were first published, and a lot has changed since then. This month, Jesper Johansson kicks off a three-part series in which he analyzes the laws from today's perspective to see if they still hold true.

ISA Server: A Guide to Securing ISA Server 2006

Alan Maddison — Fri, 01 Aug 2008 15:12:47 GMT 00:00:00 GMT

September 2008

Many organizations rely on ISA Server 2006 to secure their environment, but few take the important step of securing ISA Server itself. Here’s a guide to using the Security Configuration Wizard and Administrative roles to limit its attack surface and secure your ISA Server 2006 implementation.

ISA Server: Enhance TS Gateway Security with ISA Server 2006

Dr. Thomas W. Shinder and Yuri Diogenes — Fri, 01 Aug 2008 15:12:47 GMT 00:00:00 GMT

September 2008

Using the new TS Gateway feature, Windows Server 2008 enables users to access their desktops from anywhere, without using a VPN. Find out how you can publish the TS Gateway through ISA Server 2006 and extend the ISA Server 2006 publishing scenario to include client health enforcement.

Security: Understanding Shared Account Password Management

Chris Stoneff — Fri, 01 Aug 2008 15:12:47 GMT 00:00:00 GMT

September 2008

Shared and privileged account passwords are commonplace, but far too many organizations fail to adequately manage these shared passwords. This creates a serious security issue. Explore the risks involved with shared and privileged accounts, and discover better approaches to managing more secure passwords.

Security Watch: Passwords and Credit Cards, Part 3

Jesper M. Johansson — Fri, 01 Aug 2008 15:12:47 GMT 00:00:00 GMT

September 2008

In the final part of this three part series, Jesper Johansson looks at how software vendors, security suites, and marketing efforts hinder true security efforts and he warns us about how these practices can lead to the collapse of the technology security ecosystem.

Security Watch: Passwords and Credit Cards, Part 2

Jesper M. Johansson — Tue, 01 Jul 2008 00:00:00 GMT

August 2008

In the second part of this three part series, Jesper Johansson looks at how software vendors, security suites, and marketing efforts hinder true security efforts and he warns us about how these practices can lead to the collapse of the technology security ecosystem.

Security Watch: Passwords and Credit Cards, Part 1

Jesper M. Johansson — Tue, 10 Jun 2008 00:00:00 GMT

July 2008

The first installment in a three part series looking at how common security-related advice and common practices are outdated and actually hinder security efforts.

Security: The Great Debate: Security by Obscurity

Jesper M. Johansson and Roger Grimes — Wed, 30 Apr 2008 00:00:00 GMT

June 2008

Security by obscurity involves taking measures that don't remove an attack vector but instead conceal it. Some argue that this is a bad practice while others claim that as part of a larger strategy, every bit counts. The debate is quite heated, and some of our finest security experts face off, explaining security by obscurity and presenting both sides of the debate.

Security: New Elevation PowerToys for Windows Vista

Michael Murgolo — Wed, 30 Apr 2008 00:00:00 GMT

June 2008

Michael Murgolo is back with an update to his Elevation PowerToys. You'll find enhanced Run as Administrator functionality that works with third-party scripting tools, a way to replace a handy Windows XP feature removed from Windows Vista, and many more useful tools.

Security: Advances in BitLocker Drive Encryption

Byron Hynes — Wed, 30 Apr 2008 00:00:00 GMT

June 2008

Windows Vista SP1 and Windows Server 2008 introduce important changes to BitLocker, including support for data volumes and improved protection against cryptographic attacks. Byron Hynes explores the new features, demonstrates how to use BitLocker on a server, and discusses some of the recent media coverage affecting BitLocker.

Security: Application Lockdown with Software Restriction Policies

Chris Corio and Durga Prasad Sayana — Wed, 30 Apr 2008 00:00:00 GMT

June 2008

When you want to reduce the total cost of ownership of the desktop machines in your organization, application lockdown can be a great help, letting you limit IT issues related to unsupported applications. See how you can use software restriction policies and Group Policy to control the applications being run throughout your IT infrastructure.

Security: Managing the Windows Vista Firewall

Jesper M. Johansson — Wed, 30 Apr 2008 00:00:00 GMT

June 2008

The recent update to the Windows Vista Firewall offers some impressive new features that make it a compelling choice for the corporate environment. Jesper M. Johansson gives a brief overview of the evolution of the Windows Firewall and delves into enhancements—such as new rules and profiles, domain isolation, and encryption—that will have administrators taking a closer look.

Security: Secure E-Mail Using Digital Certificates

Matt Clapham and Blake Hutchinson — Wed, 30 Apr 2008 00:00:00 GMT

June 2008

Secure Multi-Purpose Internet Mail Extensions let you hide information in transit, validate senders, and authenticate messages. Learn how to secure e-mail using digital certificates and how to troubleshoot problems you may encounter on your S/MIME system.

Windows Vista: Top Security Features in Windows Vista

Anthony (A.J.) Smith and Ned Gnichtel — Wed, 30 Apr 2008 00:00:00 GMT

June 2008

Why should you upgrade to Windows Vista? Among many reasons, the new security features make it a must-have. This article explores some of the major security features introduced in Windows Vista.

The Desktop Files: Security vs. Compliance

Wes Miller — Wed, 30 Apr 2008 00:00:00 GMT

June 2008

IT professionals often find themselves with objectives that contradict one another. Take a look at how being compliant often comes at the expense of being less secure.

Security Watch: Principles of Quantum Security

Jesper M. Johansson — Wed, 02 Apr 2008 00:00:00 GMT

May 2008

Find out how the Heisenberg Uncertainty Principle and other elements of quantum physics can shed light on evolving security strategies. (Note: No cats were harmed in the writing of this article.)

The Desktop Files: Leaving the Administrator Behind

Wes Miller — Wed, 02 Apr 2008 00:00:00 GMT

May 2008

Why is everyone running as Administrator? Wes Miller looks at the risks of running as Administrator and explores the benefits of transitioning your users (including yourself) to running as Users.

SQL Server 2008: Security

Rick Byham — Wed, 05 Mar 2008 00:00:00 GMT

April 2008

Security continues to be an area of deliberate improvement for SQL Server. Explore some of the most important security-related changes you’ll find in SQL Server 2008, from encryption and authentication enhancements to Policy-Based Management and the new auditing system that will help with regulatory requirements.

The Cable Guy: Troubleshooting NAP Enforcement

Joseph Davies — Wed, 05 Mar 2008 00:00:00 GMT

April 2008

Troubleshooting enforcement behaviors in the Network Access Protection platform can be challenging. The Cable Guy explains how NAP health policy evaluation works and how you can troubleshoot the most common issues.

Security Watch: Where Is My PII?

Frank Simorjay — Wed, 05 Mar 2008 00:00:00 GMT

April 2008

Before you can effectively protect your Personally Identifiable Information, you must know where it’s stored on your PC. Here's a look at how to write scripts that will locate personal data stored on your computer. You just might be surprised at what these scripts uncover.

Security Watch: Using SCW on Windows Server 2008

Jesper M. Johansson — Wed, 06 Feb 2008 00:00:00 GMT

March 2008

You've heard about the new Server Manager tool in Windows Server 2008. But the Security Configuration Wizard (SCW) is still available, as well. Find out why you will still want to use SCW.

Security Watch: Island Hopping: Mitigating Undesirable Dependencies

Jesper M. Johansson — Tue, 05 Feb 2008 11:13:27 GMT 00:00:00 GMT

February 2008

Unwanted security dependencies can expose your entire network to attacks. Find out how security dependencies work so you can analyze dependencies in your environment and resolve potential problems.

Security Watch: Island Hopping: The Infectious Allure of Vendor Swag

Jesper M. Johansson — Mon, 03 Dec 2007 00:00:00 GMT

January 2008

Security threats don't just come from e-mail and malicious Web sites. See how a USB thumb drive and some simple social engineering can be used to gain access to your entire network. And find out what you can do to keep your network more secure against this threat.

Security: A Guide to Basic Computer Forensics

Tom Cloward and Frank Simorjay — Mon, 05 Nov 2007 00:00:00 GMT

December 2007

Learn about easy, cheap approaches to computer forensics that mainstream administrators can use for basic investigations.

Networking: The Microsoft Security Intelligence Report

Tim Rains — Mon, 05 Nov 2007 00:00:00 GMT

December 2007

Microsoft gathers a lot of data on security threats faced by computer users. Get an overview of recent trends, how various versions of Windows have been performing, which regions of the world are most affected, and more.

Utility Spotlight: The Microsoft Security Assessment Tool

Lance Whitney — Mon, 05 Nov 2007 00:00:00 GMT

December 2007

This free utility and electronic questionnaire can help mid-sized organizations identify and resolve network security risks.

Security Watch: Windows Domain Password Policies

Derek Melber — Mon, 05 Nov 2007 00:00:00 GMT

December 2007

Until now, Windows has allowed only a single password policy per domain. Windows Server 2008, however, lets administrators implement multiple password policies, tailoring different policies for various types of users.

Communications: Exchange Edge Transport Servers at Microsoft: Part 2

Kay Unkroth — Mon, 08 Oct 2007 00:00:00 GMT

November 2007

Exchange Edge Transport servers can help you create a more reliable and secure messaging environment. We showed you how to configure these servers in Part 1, now we'll take you through some detailed examples of how key features help improve your messaging environment.

Networking: Configure VPN Remote Access with ISA Server 2006

Alan Maddison — Mon, 08 Oct 2007 00:00:00 GMT

November 2007

A virtual private network can provide improved connectivity and increased productivity—and it doesn't need to be difficult to implement and manage. Find out how you can use ISA Server 2006 to address two common VPN scenarios.

Security Watch: Secure Access Anywhere

John Morello — Mon, 08 Oct 2007 00:00:00 GMT

November 2007

Explore network and security design considerations for an anywhere-access solution using Terminal Service components, and learn some practical methods and best practices for creating a solution with Windows Server 2008.

Communications: Exchange Edge Transport Servers at Microsoft

Kay Unkroth — Mon, 24 Sep 2007 00:00:00 GMT

October 2007

How does Microsoft ensure delivery of legitimate messages to employees while keeping the flood of malicious content away from the messaging envrionment? One way is by deploying Exchange Server 2007 Edge Transport servers and Forefront Security for Exchange Server. Find out how these technologies can keep your organization safe.

Security Watch: BitLocker and the Complexities of Trust

Justin Troutman — Mon, 24 Sep 2007 00:00:00 GMT

October 2007

Some people have been skeptical of the cryptographic functionality built into Windows Vista. Here's a look at the design philosophies that went into BitLocker and why it should be taken seriously.

Windows PowerShell: Securing the Shell

Don Jones — Wed, 01 Aug 2007 00:00:00 GMT

September 2007

When designing Windows PowerShell, Microsoft gave security a leading role. And it shows. Take a look at some of the key security features and settings, such as credential handling and execution policies, that ensure Windows PowerShell won’t fall game to the same problems that VBScript enabled.

Security Watch: The Long-Term Impact of User Account Control

Jesper M. Johansson — Wed, 01 Aug 2007 00:00:00 GMT

September 2007

For as much coverage as it gets, there are still a lot of questions and misconceptions about User Account Control. Here’s a frank discussion about what UAC is, what it is not, and how it should affect the way you manage systems.

Security Watch: PKI Enhancements in Windows

John Morello — Mon, 02 Jul 2007 00:00:00 GMT

August 2007

In Windows Vista and Windows Server 2008, the Windows PKI platform offers support for advanced algorithms, real time validity checking, and better manageability. Check out the new PKI features and see how they can be used to lower costs while improving security.

Communications: Improve Security with Windows Mobile 6

Matt Fontaine — Thu, 28 Jun 2007 00:00:00 GMT

July 2007

While smartphones and PDAs offer access to the network from outside the office, they can also expose the network to new vulnerabilities. Here’s a guide to how Windows Mobile 6 and Exchange Server can help protect your company’s mobile devices and infrastructure.

Communications: Log onto Outlook Web Access with Smart Cards

Victor Akinnagbe, Ted Dressel, and Jason Opdycke — Thu, 28 Jun 2007 00:00:00 GMT

July 2007

One of the most vulnerable links in the security chain has to do with weak, easily compromised passwords. Learn how you can improve e-mail security by implementing two-factor smart card authentication for your mobile users.

Windows Administration: The ActiveX Installer Service in Windows Vista

Rob Campbell and Joel Yoker — Thu, 28 Jun 2007 00:00:00 GMT

July 2007

How do you secure the desktop against malicious ActiveX controls without limiting application compatibility? We’ll take you on a tour of the ActiveX Installer Service (AxIS) in Windows Vista that addresses this issue with a new way to manage ActiveX controls.

Security Watch: Tools for Managing ACLs

Jesper M. Johansson — Thu, 28 Jun 2007 00:00:00 GMT

July 2007

Managing ACLs can be one of the more complicated aspects of protecting the security of your users' systems. Here are some useful utilities to help automate and simplify these tasks.

Security: Inside Windows Vista User Account Control

Mark Russinovich — Mon, 11 Jun 2007 00:00:00 GMT

June 2007

User Account Control, or UAC, is one of the most misunderstood new features in Windows Vista. But its goal—to enable users to run with standard user rights—can solve many security issues. Get an inside look at the problems UAC is designed to address and see exactly how this new feature works.

Security: Keys to Protecting Data with BitLocker Drive Encryption

Byron Hynes — Mon, 11 Jun 2007 00:00:00 GMT

June 2007

BitLocker serves two very important purposes: it provides both full-volume data encryption and a way to validate the integrity of early startup components before Windows Vista starts. Get an overview of how BitLocker works and see how it can help you protect your organization.

Security: Exploring The Windows Firewall

Steve Riley — Mon, 11 Jun 2007 00:00:00 GMT

June 2007

Mobility has changed computer threats and the techniques that guard against them. As laptops wander outside the perimeter and come back to the network, you need better ways to protect your systems. Find out how you can use Windows Firewall to protect your computers—on the Internet and on your own internal network.

Security: New ACLs Improve Security in Windows Vista

Jesper M. Johansson — Mon, 11 Jun 2007 00:00:00 GMT

June 2007

While ACLs haven’t had a major overhaul, there are a number of important changes you need to know about when managing ACLs in a Windows Vista environment. Discover how 30 ACLs have changed to improve security, find out how they will impact your organization, and learn how to manage these changes in your infrastructure.

Security: Managing Hardware Restrictions via Group Policy

Jeremy Moskowitz — Mon, 11 Jun 2007 00:00:00 GMT

June 2007

USB thumb-disk keys and other removable devices can make your personal life easier but your professional life harder. For improved security, you need a way to control what hardware devices your users are installing on their work systems. Now you can use Group Policy to control which devices they can use and which ones they can’t.

Security: 4 Security Technologies Every IT Organization Must Have

Matt Clapham and Todd Thompson — Mon, 11 Jun 2007 00:00:00 GMT

June 2007

Most businesses share similar security issues. In today’s connected world, there are four general types of security tools that every organization absolutely must have. Find out what these tools are and explore how the technologies involved may work together in the future to create the ideal security solution.

Security: A Powerful New Tool for Certificate Management

Kevin Dallmann — Mon, 11 Jun 2007 00:00:00 GMT

June 2007

Certificates are a key component in your infrastructure— when one expires, productivity can come to a halt. If you rely on a Microsoft PKI environment, the new Identity Lifecycle Manager Certificate Management (ILM-CM) solution can help keep things running smoothly. Find out how this tool can help you improve authentication processes and reduce certificate management costs.

The Desktop Files: How Not to Lose Your Data

Wes Miller — Mon, 11 Jun 2007 00:00:00 GMT

June 2007

It’s surprising how often important data is lost. But the reality is that information is lost because people fail to protect it. Explore the important steps you can and must take to secure your organization's data.

Security Watch: Network Access Protection

John Morello — Wed, 25 Apr 2007 00:00:00 GMT

May 2007

Rogue devices being used behind the network perimeter pose a serious security risk. Microsoft Network Access Protection provides a flexible architecture for organizations of all sizes to protect themselves from non-compliant computers brought on to the network by employees, vendors, and visitors.

Security Watch: The Security Configuration Wizard

John Morello — Tue, 06 Mar 2007 00:00:00 GMT

April 2007

The Security Configuration Wizard provides an efficient way to secure thousands of servers spread across numerous geographic locations. Here's everything you need to know to start hardening your servers and reducing their attack surface based on the roles they perform.

Security Watch: Deploying EFS: Part 2

John Morello — Mon, 29 Jan 2007 00:00:00 GMT

March 2007

Last month, we looked at the back-end portion of an EFS deployment, discussing the elements that a system administrator will deal with. In this issue, we focus on EFS from the end-users' perspective, exploring enhancements to Windows Explorer and the task of choosing file system locations to be encrypted.

Windows Administration: Delegating Authority in Active Directory

Joel Yoker and Rob Campbell — Thu, 21 Dec 2006 00:00:00 GMT

February 2007

Implementing delegation in Active Directory can enhance security and simplify management tasks, and getting started is easier than you think. Here are some simple delegation models that will work in most IT infrastructures with little modification.

Windows Administration: Gaming in a Secure Environment

Matt Clapham — Thu, 21 Dec 2006 00:00:00 GMT

February 2007

Whether you’re busy at work or doing some serious gaming at home, running as a limited user has many security benefits. Unfortunately, some games don’t want to work when they’re not run as administrator. Here’s a look at some common problems and their solutions.

Security Watch: Deploying EFS: Part 1

John Morello — Thu, 21 Dec 2006 00:00:00 GMT

February 2007

Security Watch: Deploying EFS: Part 1

SharePoint: 7 New Features That Enhance Security in SharePoint

Adam Robert Buenz — Fri, 01 Dec 2006 00:00:00 GMT

January 2007

With SharePoint tapping into more enterprise data and becoming more integral to business workflow, security becomes far more critical. Find out how these seven new features in MOSS can quickly improve security in your organization.

Security Watch: Services Hardening in Windows Vista

Wole Moses — Fri, 01 Dec 2006 00:00:00 GMT

January 2007

Security Watch: Services Hardening in Windows Vista

Security Watch: Deploy a Globally Trusted PKI

John Morello — Mon, 06 Nov 2006 00:00:00 GMT

December 2006

Imagine running your own PKI that combines the benefits of an internal PKI and the key advantages of a globally trusted root. Louisiana State University (LSU) has just such a solution. Take a close look at the technical design of LSU’s implementation and find out best practices for deploying a similar system in your organization.

Windows Vista: Protect Your PC with New Security Features in Windows Vista

Justin Harrison — Fri, 29 Sep 2006 00:00:00 GMT

November 2006

Developed according to the Microsoft Security Development Lifecycle guidelines, Windows Vista offers a level of security not built into earlier versions of Windows. Take a look at the new and enhanced features Windows Vista offers to help you detect and prevent security threats.

Windows Vista: Achieve the Non-Admin Dream with User Account Control

Alex Heaton — Fri, 29 Sep 2006 00:00:00 GMT

November 2006

While limiting user privileges is a good way to help protect your systems, non-admin accounts can be inconvenient, introducing problems such as application compatibility issues. Windows Vista offers new features that make it easier for you to manage and support standard user accounts

Security Watch: I Just Got a Security Bulletin. Now What?

Christopher Budd — Fri, 29 Sep 2006 00:00:00 GMT

November 2006

The Microsoft monthly security bulletin has helped foster more mature processes for deploying security updates. Since you know security bulletins are released on a predictable day, you can build your own regular processes for handling them.

System Management: Monitoring Security Events with MOM

John Orefice — Tue, 22 Aug 2006 00:00:00 GMT

September 2006

Looking for ways to maintain regulatory compliance? Learn how you can use MOM Management Packs to monitor security events and report data as required by HIPAA and Sarbanes-Oxley.

Utility Spotlight: Access-Based Enumeration

James D. Silliman — Tue, 22 Aug 2006 00:00:00 GMT

September 2006

As a systems administrator, you've probably had users complain that they can't access certain folders they see in Windows® Explorer. The cause is often simple: the user doesn't have permission to open those resources.

Security Watch: Lock Up Your Domain Controllers

Steve Riley — Tue, 22 Aug 2006 00:00:00 GMT

September 2006

Security Watch: Lock Up Your Domain Controllers

Windows Administration: Problems of Privilege: Find and Fix LUA Bugs

Aaron Margosis — Tue, 25 Jul 2006 00:00:00 GMT

August 2006

Windows Administration: Problems of Privilege: Find and Fix LUA Bugs

How IT Works: Certificate Services

Randy Muller — Tue, 25 Jul 2006 00:00:00 GMT

August 2006

How IT Works: Certificate Services

Security Watch: The Most Misunderstood Windows Security Setting of All Time

Jesper M. Johansson — Tue, 25 Jul 2006 00:00:00 GMT

August 2006

Security Watch: The Most Misunderstood Windows Security Setting of All Time

Managing Identity: Extreme VPN Makeover

David Conrad — Tue, 27 Jun 2006 00:00:00 GMT

July 2006

Who decided that Virtual Private Networks, or VPNs, were a good idea? With VPNs, we could let armies of mobile workers with "legitimate" business needs connect to our nice corporate

Managing Identity: The InfoCard Identity Revolution

Keith Brown — Tue, 27 Jun 2006 00:00:00 GMT

July 2006

Managing Identity: The InfoCard Identity Revolution

Utility Spotlight: The Shared Computer Toolkit

Jeremy Moskowitz — Tue, 27 Jun 2006 00:00:00 GMT

July 2006

One of the most common requests I get at my Group Policy forum, GPanswers. com, is how to take machines and "lock them down. " People want to ensure their machines can’t be broken by Joe User or Harry Badguy.

Security Watch: Help Wanted—Need "People" People

Jesper M. Johansson — Tue, 27 Jun 2006 00:00:00 GMT

July 2006

I’m not really a people person. I’ve said so for years. My old college roommate, Joe, had a better way to put it, but the way he said it is unfortunately not suitable for print. Frankly, not being a people person is a good part of the reason I went into IT in the first place.

Special Report: Security: Deconstructing Common Security Myths

Jesper M. Johansson and Steve Riley — Wed, 26 Apr 2006 00:00:00 GMT

May • June 2006

Special Report: Security: Deconstructing Common Security Myths

Security: First Look: New Security Features in Windows Vista

Chris Corio — Wed, 26 Apr 2006 00:00:00 GMT

May • June 2006

Security: First Look: New Security Features in Windows Vista

Security: Behind The Scenes: How Microsoft Built a Unified Approach to Windows Security

Robert Hensing — Wed, 26 Apr 2006 00:00:00 GMT

May • June 2006

Security: Behind The Scenes: How Microsoft Built a Unified Approach to Windows Security

Security: 19 Smart Tips for Securing Active Directory

Sean Deuby — Wed, 26 Apr 2006 00:00:00 GMT

May • June 2006

Does Active Directory keep you up at night? One could easily understand why. It is most likely the largest and most critical distributed system in your enterprise. Along with

Security: Reduce Your Risk: 10 Security Rules To Live By

Wes Miller — Wed, 26 Apr 2006 00:00:00 GMT

May • June 2006

Security: Reduce Your Risk: 10 Security Rules To Live By

Security: Group Policy: Ins And Outs Of Delegation And Control

Jeremy Moskowitz — Wed, 26 Apr 2006 00:00:00 GMT

May • June 2006

Security: Group Policy: Ins And Outs Of Delegation And Control

Serving the Web: Nine Tips to Enhance IIS Security

Brett Hill — Wed, 26 Apr 2006 00:00:00 GMT

May • June 2006

Securing your IIS 6.0 installation is an important task. The amount of work required can vary greatly depending on the complexity of your application as well as your infrastructure and how these combine with your need to secure content.

TechNet Update: Tools from the TechNet Security Center

Geof Wheelwright — Wed, 26 Apr 2006 00:00:00 GMT

May • June 2006

You are probably all too aware that IT security is about much more than just installing a few key tools and applications and then keeping current with security updates. You not only have to keep your systems secure on a day-to-day basis by taking the right preventative measures and having the most appropriate security and management tools, but you also have to find ways to foresee future threats and implement strategies to combat them.

Windows Confidential: The Intranet Can Be a Scary Place

Raymond Chen — Wed, 26 Apr 2006 00:00:00 GMT

May • June 2006

If you’ve installed Windows Server™ 2003, you’ve probably discovered that Microsoft® Internet Explorer® doesn’t behave quite the same as it used to. You get prompted for your domain password more often, script doesn’t run, downloading from Web Folders is blocked—it’s just not fun.

Desktop Deployment: Design More Secure Desktop Deployments

Shelly Bird — Tue, 28 Feb 2006 00:00:00 GMT

March • April 2006

Desktop Deployment: Design More Secure Desktop Deployments

Security Watch: Establish a Remote Access Quarantine

Steve Riley — Tue, 28 Feb 2006 00:00:00 GMT

March • April 2006

In those good old easy-to-manage pre-mobility days, personal computers presented few actual threats to a network. Sure, there was the occasional virus you’d get from a borrowed floppy disk, but the rate, or at least the speed, of infection was pretty low—limited substantially by the low bandwidth and high latency of "sneakernet" technology.

Inside Microsoft.com: Analyzing Denial of Service Attacks

Paul Wright — Tue, 28 Feb 2006 00:00:00 GMT

March • April 2006

If you’ve been following this column, you know how big Microsoft. com is. If not, you can probably imagine. On average, the site reaches over 13 million unique users per day, and about 289 million per month.

Windows Confidential: An Administrator Is Not the Administrator

Raymond Chen — Tue, 28 Feb 2006 00:00:00 GMT

March • April 2006

I came across a report from a user who was trying to set the owner of a file to "Administrator. " The user was unable to do this even though he was logged on as an administrator. Why won’t the system let an administrator change the owner of a file to Administrator? Don’t administrators have permission to take ownership of files?.

Security Watch: Why You Should Disable the Administrator Account

Jesper M. Johansson — Tue, 03 Jan 2006 00:00:00 GMT

January • February 2006

I’ve fielded a lot of questions recently about how to manage the built-in administrator account. I am referring specifically to BUILTIN\Administrator, also known as NT AUTHORITY\Administrator, the account with relative identifier (RID) 500.

How IT Works: NTFS Permissions, Part 2

Richard Civil — Tue, 03 Jan 2006 00:00:00 GMT

January • February 2006

While security is essential in today’s network, unfortunately some administrators think they are secure if they just have a good firewall. Various studies suggest that up to 65 percent of all network compromises happen from inside the firewall.

Legal Briefs: Breach Notification Laws

Don McGowan — Tue, 03 Jan 2006 00:00:00 GMT

January • February 2006

It’s almost impossible to read the news these days without running into a piece about computer security, compromised personal information, and bills written to protect consumer rights. Confidential information being inappropriately accessed and used is not a new problem.

Web Administration: Improve Your Web Security With Encryption And Firewall Technologies

Stephen Lamb — Tue, 01 Nov 2005 00:00:00 GMT

November • December 2005

If you're like most IT professionals, your work life is an ongoing balancing act in which you aim to adopt the latest technological innovations while keeping your enterprise secure. So you welcome any software that makes the whole

Field Notes: Real Pros Don't Run as Normal User

Shelly Bird — Tue, 01 Nov 2005 00:00:00 GMT

November • December 2005

Real techs think they have got to log in with the rights of a higher power on their system, even to check their e-mail or surf the Web. Ditto for developers, doctors, and everyone else who is convinced their job is important and requires full-blown Administrator privileges.

Post Mortem: Securing a Government Agency with Smart Cards

John Morello — Tue, 01 Nov 2005 00:00:00 GMT

November • December 2005

Homeland Security Presidential Directive 12 (HSPD12) requires Federal government agencies to begin utilizing strong, two-factor authentication for physical and logical access to Federal buildings and computer systems.

How IT Works: NTFS Permissions

Richard Civil — Tue, 01 Nov 2005 00:00:00 GMT

November • December 2005

Several years ago I got quite a surprise while fixing the permissions on a client’s file server. One of the users had Write permission on several files and folders in one branch of the directory tree.

Windows Administration: 10 Easy Ways To Lock Down Your Computer

Derek Melber — Tue, 03 May 2005 00:00:00 GMT

Spring 2005

Here are 10 important Group Policy settings you can start using for more secure user passwords, authentication, user privileges, and persistence of GPO settings.

Security Watch: Isolate Servers With IPsec

Joseph Davies — Tue, 03 May 2005 00:00:00 GMT

Spring 2005

We live in an age of always-connected communication and are able to send e-mail messages or gain access to files, databases, and Web pages at any time, through a proliferation of networking technologies.

Anatomy Of A Hack: How A Criminal Might Infiltrate Your Network

Jesper M. Johansson — Tue, 02 Nov 2004 00:00:00 GMT

Winter 2005

From elevating privileges to running SQL injection attacks, the criminal hacker has quite a few tricks up his sleeve. You'd better know what they are if you're going to keep this malevolent character out of your network.

Theft On The Web: Theft On The Web: Prevent Session Hijacking

Kevin Lam, David LeBlanc, and Ben Smith — Tue, 02 Nov 2004 00:00:00 GMT

Winter 2005

There's a variety of ways that bad guys can take control of your network sessions, and they can do a lot of damage once they do take over. They can steal credit card information, user names, passwords, and more. Find out how to thwart their attempts before it's too late.

Beat Hackers At Their Own Game With A Hackerbasher Site

Marnie Hutcheson — Tue, 02 Nov 2004 00:00:00 GMT

Winter 2005

Wouldn't it be great if you could turn the tables on Web site hack attempts by diverting them to a dead end where you can log all the information the attacker left behind? Here's how you can construct your own web to snare would-be attackers.

The Day After: The Day After: Your First Response To A Security Breach

Kelly J. Cooper — Tue, 02 Nov 2004 00:00:00 GMT

Winter 2005

They don't call it a post mortem for nothing. After an attack, it's best to assess the situation quickly, before facts slip away and the trail goes cold. Learn what makes a good post-hack post mortem.

Get Smart!: Get Smart! Boost Your Network's IQ With Smart Cards

Brian Komar — Tue, 02 Nov 2004 00:00:00 GMT

Winter 2005

Get Smart!: Get Smart! Boost Your Network's IQ With Smart Cards

Get Smart!: Five Lessons From The Microsoft Security Center Of Excellence

Aaron Turner — Tue, 02 Nov 2004 00:00:00 GMT

Winter 2005

Dissecting the paths leading up to Slammer, Blaster, Sasser, and Code Red has allowed the Security Center of Excellence to help customers avoid such chaos in the future.

Utility Spotlight: Analyze Security Descriptors with searchSd

TechNet Magazine Staff — Tue, 02 Nov 2004 00:00:00 GMT

Winter 2005

Your IT department is interested in conducting security audits. The group wants to have statistics generated about the usage of access control entries (ACEs) in their domain deployment. They want to be able to run a job every Sunday at 1:00 A.

Office Space: Information Rights Management In Office 2003

Alok Mehta — Tue, 02 Nov 2004 00:00:00 GMT

Winter 2005

Today's knowledge workers deal with sensitive information all the time. This information comes in a variety of formats such as Microsoft Word, Excel, PowerPoint®, and e-mail documents, and it must all be protected from unauthorized access and distribution.

Serving the Web: Essential Security Administration For IIS 6.0

Brett Hill — Tue, 02 Nov 2004 00:00:00 GMT

Winter 2005

IIS 5. 0 administrators are familiar with the important security-related tasks required to harden and maintain a secure Web services environment. The many new features and capabilities of IIS 6. 0, available with every version of Windows Server™ 2003, renders the previous version obsolete.

Resources: IIS 6.0 Security

Phil Sherwood — Tue, 02 Nov 2004 00:00:00 GMT

Winter 2005

In today's business environment, most organizations are using Web servers to extend products and services to both internal and external customers. At the same time, attackers are increasing their relentlessness and sophistication.