Windows security: Is it weak?

The security levels of Microsoft operating systems has been questioned by many IT pros. Expert Derek Melber runs down which areas to make sure are secure under a Windows installation base.

The level of security provided in Microsoft operating systems is joke fodder for many IT pros. Some companies have

stayed away from Microsoft for security's sake. You might be wondering if your servers and desktops -- as well as your entire organization -- are secure under your current Windows installation base. This is a valid concern and one that should not be taken lightly. Here, we will look at the areas you must ensure are secured.

Is the perception a reality?

Related information:

Maintaining a secure Active Directory network

What's in a name? Active Directory security under the covers

I have been working with Windows since 9x and NT 4.0. When I first got involved with these operating systems, security was not as important as it is today. Back then, the intent of attacks was to just make things harder for IT professionals. I remember when service packs released to fix broken and insecure areas of Windows typically did more damage than good. When Microsoft tried to tackle security back then, it was merely a feeble attempt.

Over the past few years and operating systems, Microsoft has done a very good job of increasing the security features that are included in the operating system. However, the reality of the situation is that the default installation is not as secure as it could or should be. So, the perception is a reality! However, the perception that Microsoft operating systems are insecure is not wholly valid. There have been significant changes and features that help make a Windows computer very secure.

Where attention should be directed

Attention to your Windows servers and desktops should be given where security is an option but is not configured. Most of these settings are included in Group Policy. Therefore, you should have your IT staff do their due diligence on how to design, configure and deploy Group Policy. Microsoft has developed some Windows hardening and security guides that you can find here.

Special attention should be given to the following areas:

  • Authentication protocols
  • Anonymous access
  • Network communication signing
  • Services
  • User rights
  • Account policies
  • Audit policies
  • Administrator use and password
  • Local group membership

Summary

Windows systems can be secured, but the installation does take some extra effort. Knowing that these systems are weak by default can give your IT staff the upper hand in locking them down before a disaster or breach happens. You can secure servers and desktops by using the security guides. Just remember that a Microsoft operating system is designed for ease of use first and security second. In almost all cases, these two have conflicting settings, which makes the default installation a bit weaker than desired.

Dig deeper on Microsoft Active Directory

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close