Security Watch: Passwords and Credit Cards, Part 2 Jesper M. Johansson - August 2008 In the final part of this three part series, Jesper Johansson looks at how software vendors, security suites, and marketing efforts hinder true security efforts and he warns us about how these practices can lead to the collapse of the technology security ecosystem.
Security: The Great Debate: Security by Obscurity Jesper M. Johansson and Roger Grimes - June 2008 Security by obscurity involves taking measures that don't remove an attack vector but instead conceal it. Some argue that this is a bad practice while others claim that as part of a larger strategy, every bit counts. The debate is quite heated, and some of our finest security experts face off, explaining security by obscurity and presenting both sides of the debate.
Security: New Elevation PowerToys for Windows Vista Michael Murgolo - June 2008 Michael Murgolo is back with an update to his Elevation PowerToys. You'll find enhanced Run as Administrator functionality that works with third-party scripting tools, a way to replace a handy Windows XP feature removed from Windows Vista, and many more useful tools.
Security: Advances in BitLocker Drive Encryption Byron Hynes - June 2008 Windows Vista SP1 and Windows Server 2008 introduce important changes to BitLocker, including support for data volumes and improved protection against cryptographic attacks. Byron Hynes explores the new features, demonstrates how to use BitLocker on a server, and discusses some of the recent media coverage affecting BitLocker.
Security: Application Lockdown with Software Restriction Policies Chris Corio and Durga Prasad Sayana - June 2008 When you want to reduce the total cost of ownership of the desktop machines in your organization, application lockdown can be a great help, letting you limit IT issues related to unsupported applications. See how you can use software restriction policies and Group Policy to control the applications being run throughout your IT infrastructure.
Security: Managing the Windows Vista Firewall Jesper M. Johansson - June 2008 The recent update to the Windows Vista Firewall offers some impressive new features that make it a compelling choice for the corporate environment. Jesper M. Johansson gives a brief overview of the evolution of the Windows Firewall and delves into enhancements—such as new rules and profiles, domain isolation, and encryption—that will have administrators taking a closer look.
Security: Secure E-Mail Using Digital Certificates Matt Clapham and Blake Hutchinson - June 2008 Secure Multi-Purpose Internet Mail Extensions let you hide information in transit, validate senders, and authenticate messages. Learn how to secure e-mail using digital certificates and how to troubleshoot problems you may encounter on your S/MIME system.
Windows Vista: Top Security Features in Windows Vista Anthony (A.J.) Smith and Ned Gnichtel - June 2008 Why should you upgrade to Windows Vista? Among many reasons, the new security features make it a must-have. This article explores some of the major security features introduced in Windows Vista.
The Desktop Files: Security vs. Compliance Wes Miller - June 2008 IT professionals often find themselves with objectives that contradict one another. Take a look at how being compliant often comes at the expense of being less secure.
Security Watch: Principles of Quantum Security Jesper M. Johansson - May 2008 Find out how the Heisenberg Uncertainty Principle and other elements of quantum physics can shed light on evolving security strategies. (Note: No cats were harmed in the writing of this article.)
The Desktop Files: Leaving the Administrator Behind Wes Miller - May 2008 Why is everyone running as Administrator? Wes Miller looks at the risks of running as Administrator and explores the benefits of transitioning your users (including yourself) to running as Users.
SQL Server 2008: Security Rick Byham - April 2008 Security continues to be an area of deliberate improvement for SQL Server. Explore some of the most important security-related changes you’ll find in SQL Server 2008, from encryption and authentication enhancements to Policy-Based Management and the new auditing system that will help with regulatory requirements.
The Cable Guy: Troubleshooting NAP Enforcement Joseph Davies - April 2008 Troubleshooting enforcement behaviors in the Network Access Protection platform can be challenging. The Cable Guy explains how NAP health policy evaluation works and how you can troubleshoot the most common issues.
Security Watch: Where Is My PII? Frank Simorjay - April 2008 Before you can effectively protect your Personally Identifiable Information, you must know where it’s stored on your PC. Here's a look at how to write scripts that will locate personal data stored on your computer. You just might be surprised at what these scripts uncover.
Security Watch: Using SCW on Windows Server 2008 Jesper M. Johansson - March 2008 You've heard about the new Server Manager tool in Windows Server 2008. But the Security Configuration Wizard (SCW) is still available, as well. Find out why you will still want to use SCW.
Security Watch: Island Hopping: The Infectious Allure of Vendor Swag Jesper M. Johansson - January 2008 Security threats don't just come from e-mail and malicious Web sites. See how a USB thumb drive and some simple social engineering can be used to gain access to your entire network. And find out what you can do to keep your network more secure against this threat.
Networking: The Microsoft Security Intelligence Report Tim Rains - December 2007 Microsoft gathers a lot of data on security threats faced by computer users. Get an overview of recent trends, how various versions of Windows have been performing, which regions of the world are most affected, and more.
Security Watch: Windows Domain Password Policies Derek Melber - December 2007 Until now, Windows has allowed only a single password policy per domain. Windows Server 2008, however, lets administrators implement multiple password policies, tailoring different policies for various types of users.
Communications: Exchange Edge Transport Servers at Microsoft: Part 2 Kay Unkroth - November 2007 Exchange Edge Transport servers can help you create a more reliable and secure messaging environment. We showed you how to configure these servers in Part 1, now we'll take you through some detailed examples of how key features help improve your messaging environment.
Networking: Configure VPN Remote Access with ISA Server 2006 Alan Maddison - November 2007 A virtual private network can provide improved connectivity and increased productivity—and it doesn't need to be difficult to implement and manage. Find out how you can use ISA Server 2006 to address two common VPN scenarios.
Security Watch: Secure Access Anywhere John Morello - November 2007 Explore network and security design considerations for an anywhere-access solution using Terminal Service components, and learn some practical methods and best practices for creating a solution with Windows Server 2008.
Communications: Exchange Edge Transport Servers at Microsoft Kay Unkroth - October 2007 How does Microsoft ensure delivery of legitimate messages to employees while keeping the flood of malicious content away from the messaging environment? One way is by deploying Exchange Server 2007 Edge Transport servers and Forefront Security for Exchange Server. Find out how these technologies can keep your organization safe.
Security Watch: BitLocker and the Complexities of Trust Justin Troutman - October 2007 Some people have been skeptical of the cryptographic functionality built into Windows Vista. Here's a look at the design philosophies that went into BitLocker and why it should be taken seriously.
Windows PowerShell: Securing the Shell Don Jones - September 2007 When designing Windows PowerShell, Microsoft gave security a leading role. And it shows. Take a look at some of the key security features and settings, such as credential handling and execution policies, that ensure Windows PowerShell won’t fall prey to the same problems that VBScript enabled.
Security Watch: The Long-Term Impact of User Account Control Jesper M. Johansson - September 2007 For as much coverage as it gets, there are still a lot of questions and misconceptions about User Account Control. Here’s a frank discussion about what UAC is, what it is not, and how it should affect the way you manage systems.
Security Watch: PKI Enhancements in Windows John Morello - August 2007 In Windows Vista and Windows Server 2008, the Windows PKI platform offers support for advanced algorithms, real time validity checking, and better manageability. Check out the new PKI features and see how they can be used to lower costs while improving security.
Communications: Improve Security with Windows Mobile 6 Matt Fontaine - July 2007 While smartphones and PDAs offer access to the network from outside the office, they can also expose the network to new vulnerabilities. Here’s a guide to how Windows Mobile 6 and Exchange Server can help protect your company’s mobile devices and infrastructure.
Communications: Log onto Outlook Web Access with Smart Cards Victor Akinnagbe, Ted Dressel, and Jason Opdycke - July 2007 One of the most vulnerable links in the security chain has to do with weak, easily compromised passwords. Learn how you can improve e-mail security by implementing two-factor smart card authentication for your mobile users.
Windows Administration: The ActiveX Installer Service in Windows Vista Rob Campbell and Joel Yoker - July 2007 How do you secure the desktop against malicious ActiveX controls without limiting application compatibility? We’ll take you on a tour of the ActiveX Installer Service (AxIS) in Windows Vista that addresses this issue with a new way to manage ActiveX controls.
Security Watch: Tools for Managing ACLs Jesper M. Johansson - July 2007 Managing ACLs can be one of the more complicated aspects of protecting the security of your users' systems. Here are some useful utilities to help automate and simplify these tasks.
Security: Inside Windows Vista User Account Control Mark Russinovich - June 2007 User Account Control, or UAC, is one of the most misunderstood new features in Windows Vista. But its goal—to enable users to run with standard user rights—can solve many security issues. Get an inside look at the problems UAC is designed to address and see exactly how this new feature works.
Security: Keys to Protecting Data with BitLocker Drive Encryption Byron Hynes - June 2007 BitLocker serves two very important purposes: it provides both full-volume data encryption and a way to validate the integrity of early startup components before Windows Vista starts. Get an overview of how BitLocker works and see how it can help you protect your organization.
Security: Exploring The Windows Firewall Steve Riley - June 2007 Mobility has changed computer threats and the techniques that guard against them. As laptops wander outside the perimeter and come back to the network, you need better ways to protect your systems. Find out how you can use Windows Firewall to protect your computers—on the Internet and on your own internal network.
Security: New ACLs Improve Security in Windows Vista Jesper M. Johansson - June 2007 While ACLs haven’t had a major overhaul, there are a number of important changes you need to know about when managing ACLs in a Windows Vista environment. Discover how 30 ACLs have changed to improve security, find out how they will impact your organization, and learn how to manage these changes in your infrastructure.
Security: Managing Hardware Restrictions via Group Policy Jeremy Moskowitz - June 2007 USB thumb-disk keys and other removable devices can make your personal life easier but your professional life harder. For improved security, you need a way to control what hardware devices your users are installing on their work systems. Now you can use Group Policy to control which devices they can use and which ones they can’t.
Security: 4 Security Technologies Every IT Organization Must Have Matt Clapham and Todd Thompson - June 2007 Most businesses share similar security issues. In today’s connected world, there are four general types of security tools that every organization absolutely must have. Find out what these tools are and explore how the technologies involved may work together in the future to create the ideal security solution.
Security: A Powerful New Tool for Certificate Management Kevin Dallmann - June 2007 Certificates are a key component in your infrastructure—when one expires, productivity can come to a halt. If you rely on a Microsoft PKI environment, the new Identity Lifecycle Manager Certificate Management (ILM-CM) solution can help keep things running smoothly. Find out how this tool can help you improve authentication processes and reduce certificate management costs.
The Desktop Files: How Not to Lose Your Data Wes Miller - June 2007 It’s surprising how often important data is lost. But the reality is that information is lost because people fail to protect it. Explore the important steps you can and must take to secure your organization's data.
Security Watch: Network Access Protection John Morello - May 2007 Rogue devices being used behind the network perimeter pose a serious security risk. Microsoft Network Access Protection provides a flexible architecture for organizations of all sizes to protect themselves from non-compliant computers brought on to the network by employees, vendors, and visitors.
Security Watch: The Security Configuration Wizard John Morello - April 2007 The Security Configuration Wizard provides an efficient way to secure thousands of servers spread across numerous geographic locations. Here's everything you need to know to start hardening your servers and reducing their attack surface based on the roles they perform.
Security Watch: Deploying EFS: Part 2 John Morello - March 2007 Last month, we looked at the back-end portion of an EFS deployment, discussing the elements that a system administrator will deal with. In this issue, we focus on EFS from the end-users' perspective, exploring enhancements to Windows Explorer and the task of choosing file system locations to be encrypted.
Windows Administration: Delegating Authority in Active Directory Joel Yoker and Rob Campbell - February 2007 Implementing delegation in Active Directory can enhance security and simplify management tasks, and getting started is easier than you think. Here are some simple delegation models that will work in most IT infrastructures with little
Windows Administration: Gaming in a Secure Environment Matt Clapham - February 2007 Whether you’re busy at work or doing some serious gaming at home, running as a limited user has many security benefits. Unfortunately, some games don’t want to work when they’re not run as administrator. Here’s a look at some common problems and their solutions.
SharePoint: 7 New Features That Enhance Security in SharePoint Adam Robert Buenz - January 2007 With SharePoint tapping into more enterprise data and becoming more integral to business workflow, security becomes far more critical. Find out how these seven new features in MOSS can quickly improve security in your organization.
Security Watch: Deploy a Globally Trusted PKI John Morello - December 2006 Imagine running your own PKI that combines the benefits of an internal PKI and the key advantages of a globally trusted root. Louisiana State University (LSU) has just such a solution. Take a close look at the technical design of LSU’s implementation and find out best practices for deploying a similar system in your organization.
Windows Vista: Protect Your PC with New Security Features in Windows Vista Justin Harrison - November 2006 Developed according to the Microsoft Security Development Lifecycle guidelines, Windows Vista offers a level of security not built into earlier versions of Windows. Take a look at the new and enhanced features Windows Vista offers to help you detect and prevent security threats.
Windows Vista: Achieve the Non-Admin Dream with User Account Control Alex Heaton - November 2006 While limiting user privileges is a good way to help protect your systems, non-admin accounts can be inconvenient, introducing problems such as application compatibility issues. Windows Vista offers new features that make it easier for you to manage and support standard user accounts.
Security Watch: I Just Got a Security Bulletin. Now What? Christopher Budd - November 2006 The Microsoft monthly security bulletin has helped foster more mature processes for deploying security updates. Since you know security bulletins are released on a predictable day, you can build your own regular processes for handling them.
Utility Spotlight: Access-Based Enumeration James D. Silliman - September 2006 As a systems administrator, you've probably had users complain that they can't access certain folders they see in Windows® Explorer. The cause is often simple: the user doesn't have permission to open those resources.
Managing Identity: Extreme VPN Makeover David Conrad - July 2006 Who decided that Virtual Private Networks, or VPNs, were a good idea? With VPNs, we could let armies of mobile workers with "legitimate" business needs connect to our nice corporate
Utility Spotlight: The Shared Computer Toolkit Jeremy Moskowitz - July 2006 One of the most common requests I get at my Group Policy forum, GPanswers.com, is how to take machines and "lock them down." People want to ensure their machines can’t be broken by Joe User or Harry Badguy.
Security Watch: Help Wanted—Need "People" People Jesper M. Johansson - July 2006 I’m not really a people person. I’ve said so for years. My old college roommate, Joe, had a better way to put it, but the way he said it is unfortunately not suitable for print. Frankly, not being a people person is a good part of the reason I went into IT in the first place.
Serving the Web: Nine Tips to Enhance IIS Security Brett Hill - May • June 2006 Securing your IIS 6.0 installation is an important task. The amount of work required can vary greatly depending on the complexity of your application as well as your infrastructure and how these combine with your need to secure content.
TechNet Update: Tools from the TechNet Security Center Geof Wheelwright - May • June 2006 You are probably all too aware that IT security is about much more than just installing a few key tools and applications and then keeping current with security updates. You not only have to keep your systems secure on a day-to-day basis by taking the right preventative measures and having the most appropriate security and management tools, but you also have to find ways to foresee future threats and implement strategies to combat them.
Windows Confidential: The Intranet Can Be a Scary Place Raymond Chen - May • June 2006 If you’ve installed Windows Server™ 2003, you’ve probably discovered that Microsoft® Internet Explorer® doesn’t behave quite the same as it used to. You get prompted for your domain password more often, script doesn’t run, downloading from Web Folders is blocked—it’s just not fun.
Security Watch: Establish a Remote Access Quarantine Steve Riley - March • April 2006 In those good old easy-to-manage pre-mobility days, personal computers presented few actual threats to a network. Sure, there was the occasional virus you’d get from a borrowed floppy disk, but the rate, or at least the speed, of infection was pretty low—limited substantially by the low bandwidth and high latency of "sneakernet" technology.
Inside Microsoft.com: Analyzing Denial of Service Attacks Paul Wright - March • April 2006 If you’ve been following this column, you know how big Microsoft.com is. If not, you can probably imagine. On average, the site reaches over 13 million unique users per day, and about 289 million per month.
Windows Confidential: An Administrator Is Not the Administrator Raymond Chen - March • April 2006 I came across a report from a user who was trying to set the owner of a file to "Administrator." The user was unable to do this even though he was logged on as an administrator. Why won’t the system let an administrator change the owner of a file to Administrator? Don’t administrators have permission to take ownership of files?
Security Watch: Why You Should Disable the Administrator Account Jesper M. Johansson - January • February 2006 I’ve fielded a lot of questions recently about how to manage the built-in administrator account. I am referring specifically to BUILTIN\Administrator, also known as NT AUTHORITY\Administrator, the account with relative identifier (RID) 500.
How IT Works: NTFS Permissions, Part 2 Richard Civil - January • February 2006 While security is essential in today’s network, unfortunately some administrators think they are secure if they just have a good firewall. Various studies suggest that up to 65 percent of all network compromises happen from inside the firewall.
Legal Briefs: Breach Notification Laws Don McGowan - January • February 2006 It’s almost impossible to read the news these days without running into a piece about computer security, compromised personal information, and bills written to protect consumer rights. Confidential information being inappropriately accessed and used is not a new problem.
Field Notes: Real Pros Don't Run as Normal User Shelly Bird - November • December 2005 Real techs think they have got to log in with the rights of a higher power on their system, even to check their e-mail or surf the Web. Ditto for developers, doctors, and everyone else who is convinced their job is important and requires full-blown Administrator privileges.
Post Mortem: Securing a Government Agency with Smart Cards John Morello - November • December 2005 Homeland Security Presidential Directive 12 (HSPD12) requires Federal government agencies to begin utilizing strong, two-factor authentication for physical and logical access to Federal buildings and computer systems.
How IT Works: NTFS Permissions Richard Civil - November • December 2005 Several years ago I got quite a surprise while fixing the permissions on a client’s file server. One of the users had Write permission on several files and folders in one branch of the directory tree.
Security Watch: Isolate Servers With IPsec Joseph Davies - Spring 2005 We live in an age of always-connected communication and are able to send e-mail messages or gain access to files, databases, and Web pages at any time, through a proliferation of networking technologies.
Theft On The Web: Prevent Session Hijacking Kevin Lam, David LeBlanc, and Ben Smith - Winter 2005 There's a variety of ways that bad guys can take control of your network sessions, and they can do a lot of damage once they do take over. They can steal credit card information, user names, passwords, and more. Find out how to thwart their attempts before it's too late.
Beat Hackers At Their Own Game With A Hackerbasher Site Marnie Hutcheson - Winter 2005 Wouldn't it be great if you could turn the tables on Web site hack attempts by diverting them to a dead end where you can log all the information the attacker left behind? Here's how you can construct your own web to snare would-be attackers.
Utility Spotlight: Analyze Security Descriptors with searchSd TechNet Magazine Staff - Winter 2005 Your IT department is interested in conducting security audits. The group wants to have statistics generated about the usage of access control entries (ACEs) in their domain deployment. They want to be able to run a job every Sunday at 1:00 A.
Office Space: Information Rights Management In Office 2003 Alok Mehta - Winter 2005 Today's knowledge workers deal with sensitive information all the time. This information comes in a variety of formats such as Microsoft Word, Excel, PowerPoint®, and e-mail documents, and it must all be protected from unauthorized access and distribution.
Serving the Web: Essential Security Administration For IIS 6.0 Brett Hill - Winter 2005 IIS 5.0 administrators are familiar with the important security-related tasks required to harden and maintain a secure Web services environment. The many new features and capabilities of IIS 6.0, available with every version of Windows Server™ 2003, render the previous version obsolete.
Resources: IIS 6.0 Security Phil Sherwood - Winter 2005 In today's business environment, most organizations are using Web servers to extend products and services to both internal and external customers. At the same time, attackers are increasing their relentlessness and sophistication.