Services and Service Accounts Security Planning Guide

 

Download this Solution Accelerator

Click here for the Services and Service Accounts Security Planning Guide.

About This Solution Accelerator

This guide is an important resource to plan strategies to run services securely under the Microsoft Windows Server 2003 and Windows XP operating systems. The main goal of this guide is to help administrators reduce the effect of a compromised service on a host operating system.

The guide addresses the common problem of Windows services that are set to run with highest possible privileges, which an attacker could compromise to gain full and unrestricted access to the computer, domain, or even to the entire forest. It describes ways to identify services that can run with lesser privileges, and explains how to downgrade those privileges methodically. This guide can help you assess your current services infrastructure and make some important decisions when you plan for future service deployments.

Microsoft has already tested the services included with the Windows Server 2003 and Windows XP operating systems to run with their default logon accounts, to ensure that they run at the lowest possible privilege level and are sufficiently secure. These services should not need modification. The main focus of this guide is to secure the services that are not provided with the operating system, such as those supplied as a component of other Microsoft server products: for example, Microsoft SQL Server or Microsoft Operations Manager (MOM). Services installed with third-party software applications and line-of-business applications developed in-house might need additional security enhancements.

The guidance is based on Microsoft Security Center of Excellence (SCoE) experience in customer environments and represents a Microsoft best practice.

Included in the Download

The Services and Service Accounts Security Planning Guide includes the following component:

  • The Services and Accounts Security Planning Guide.pdf

In More Detail

This guide consists of the following chapters:

Chapter 1: Introduction

This chapter provides an executive summary, introduces the business challenges and benefits, suggests the recommended audience for the guide, and provides an overview of the chapters in this guide.

Chapter 2: The Approach to Running Services More Securely

This chapter provides an overview of the account types used to log on to services and describes the principles and strategies to apply when you plan your program to run services more securely.

Chapter 3: How to Run Services More Securely

This chapter describes how to run services more securely with the principles and strategies discussed in the previous chapter. It also covers the new Security Configuration Wizard in Windows Server 2003 Service Pack 1, which is an indispensable resource in your plan to run services more securely.

Chapter 4: Summary

This chapter summarizes the guidance provided and the problems addressed in this guide. It provides links to additional relevant reading materials.

See other Solution Accelerators that focus on security at the Security Solution Accelerators site on Microsoft TechNet.

Community and Feedback

About Solution Accelerators

Solution Accelerators are authoritative resources that help IT professionals plan, deliver, operate, and manage IT systems that address real-world scenarios. Solution Accelerators provide free prescriptive guidance and automation to accelerate cross-product integration, core infrastructure development, and other enhancements.

Register to receive the Solution Accelerator Notifications newsletter so that you can stay informed about new Solution Accelerator releases and updates. The newsletter covers such areas of interest as

  • Communication & Collaboration
  • Security, Data Protection, & Recovery
  • Deployment
  • Operations & Management

Download This Accelerator

Click here for the Services and Service Accounts Security Planning Guide.