Just when you think you've followed all the rules to safeguard your organizational assets against viruses and hackers and burglars, along comes an employee with a better idea. Only it's not better. And it could unravel all of the smart security-enhancement moves you've implemented so far.
As you know, it takes a major commitment to properly safeguard your enterprise from external security risks. If you've started this process by updating your software and virus protection and installing a firewall, you've already made a significant investment of time, effort, and money. Unfortunately, a lack of stringent administrative procedures can unwittingly sabotage your security investment, reversing the changes you've made or inadvertently introducing new risks. Users might not stay current on updates and patches. They might download unauthorized and potentially harmful software, and they might not be vigilant about unauthorized access to data on their computers. Basic steps you can take One solution is to manage desktop PCs and laptops from your server. Not only does this approach reduce the risk that your security-enhancement measures can be sabotaged, but it can also represent a significant savings of time and money due to the efficiencies you gain. Among them: - Proper installation. You can make sure the correct version of the operating system and applications are installed on all of the PCs and laptops from the outset. This helps to ensure compliance with licensing issues as well as consistency across your organization for file sharing and other purposes.
- Timely updates. Patches and bug fixes, along with new versions of software, can be deployed from the server to user PCs and laptops. This way, you know it has been done properly and in a timely manner, and you don't have to rely on users remembering to do it themselves.
Special configurations.
If your organization has preferred settings for the operating system or the applications everyone uses, these can be managed, updated, and enforced organization-wide from your server. In addition, you can prevent users from installing unauthorized programs by restricting their ability to run programs from CD-ROMs and other removable drives, or to download programs from the Internet. - Monitoring. If there is unauthorized access on a PC, or if there is a system failure of some sort on an individual computer, this can be detected immediately through the monitoring capabilities available in a managed PC/laptop environment.
If you're considering a first server or a server upgrade for your organization, it's worth noting that improvements in the management capabilities of Windows Server 2003, together with the enhanced security features in Windows XP Professional with Service Pack 2, offer a powerful defense against internal and external security risks. | |
