Chapter 5, "Understanding SMS Security," introduces important concepts underlying SMS security. Familiarize yourself with these concepts and examine your current security procedures before planning your SMS security strategy.

Collect information about your organization's security policies, such as:

  • Account password policies (age, length).

  • Account cycling policies (account expiration).

  • Account rights policies.

  • Client and server lockdown policies (restrictions on disks and registry, services that are stopped, whether services use Domain Administrator accounts, hidden shared folders that are removed).

  • Auditing policies (activities being audited, if any).

  • Separation of duties between IT divisions within the enterprise (be aware of any overlap).

  • The degree to which users must retain control of clients, and any exceptions to such policies (for example, servers or computers used by programmers).

  • Sensitivity to security risks.

  • Importance of ease of administration.

  • Special needs you have for secure data access and transmission.

If you document your security policies, you will be prepared to plan your SMS security strategy during the planning phase.

For More Information

Did you find this information useful? Please send your suggestions and comments about the documentation to