Get a glimpse inside Roberta Bragg's new book "Hardening Windows systems" with this series of book excerpts. This excerpt from Chapter 1, "An immediate call to action," explains why you need to designate and harden administrative workstations. Click for the complete book excerpt series or purchase the book.
Lock down administrative workstations
Designate certain workstations as administrative workstations, computers that will be used to administer the network. Harden them. How much? Just as hard as you can. Start by putting them in a secured area and reinstalling the operating system and adding the latest service pack and security patches. Do this off the network. Use IPSec or a personal firewall to control ingress (what comes in) and egress (what goes out) and use software restriction policies to prevent the use of nonapproved software. Use the workstations only for administration -- no playing of games, no e-mail.
Click for the next excerpt in this series: Physically secure all systems.
Click for book details or purchase the book.