Advisory paper launched on efficient Windows security

News by Dan Raywood

Comsec Consulting and IT training consultancy XTSeminars have unveiled an advisory paper that outlines the five key areas of Windows IT security.

Comsec Consulting and IT training consultancy XTSeminars have unveiled an advisory paper that outlines the five key areas of Windows IT security.


The paper reveals the five key areas of security within the Microsoft Windows environment that it claims are regularly overlooked by the IT profession. These are: password strength, administrative access, updates management, security lockdown through group policy and unmanaged and noncompliant clients.


Named ‘Enhancing Five Key Areas of Windows Security - Utilising Technologies Existing in the Workplace', it is designed to advise on enhancing security on the Microsoft platform and will appeal to any organisation dedicated to securing its business, without additional spend on new technologies.


It claims that there is a problem with weak passwords as they can be easily guessed and strong passwords should be used. All administrators should also abide by a similar principal of least privilege access, ‘Never logon to a system with more privileges than needed to do the task in hand'.


It also examines the problem with updates not being effectively managed, and looks at the problems with Microsoft Windows Server Update Services, how a group policy provides an often underutilised vehicle for security lockdown and problems with unmanaged systems on a network.


John Craddock, infrastructure and security architect at XTSeminars, said: “Often, solutions are developed that are narrowly focused and do not take advantage of technologies that have already been purchased as part of an operating system licence.


“Worst of all, in some instances, organisations have burnt their precious IT budget purchasing additional products to perform functions which are already inbuilt. In today's climate we cannot afford to make those kinds of mistakes.”


Stuart Okin, managing director at Comsec Consulting UK, said: “Due to the current economic climate, business priorities are shifting and areas such as spend on security may be under pressure, when in reality the threats are on the increase. In my experience, many organisations needlessly try to seek out the best of breed security solutions, as many of the features required are already available to them.


“In this time of financial cutbacks and budget restraints, our advice is for these companies to ensure that the ‘free' enhanced security functionality that is built into Windows and its associated resource tools, are not being overlooked and are actually providing the value that they are supposed to.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event 

Webcast: Understanding this year's biggest adversaries - and how to combat them 

Nation-state activity, versatile, slippery strategies and Big Game Hunting - the threats are real, dangerous and ever changing. 
Brought to you in partnership with Crowdstrike