Security Tip of the Month

Laying the Foundation for the Microsoft Security Development Lifecycle: Implementing the Principles
One of the phrases frequently used in strategy planning at Microsoft is "crawl, walk, run.” This phrase is used to differentiate initial activities that get us quickly moving toward larger goals from other activities that may require longer preparation or planning. As you move toward implementing the Microsoft Security Development Lifecycle (SDL) in your development lifecycle, this "crawl" phase is very important.

Initial Considerations for Secure Deployment
Securing Windows Vista images and product keys is critical to protecting license assets. Taking this one step further, this article will outline the three steps that you can take to set an initial security posture for your users when deploying Windows Vista using Microsoft Deployment or Business Desktop Deployment 2007.

Anywhere Access and Mobile Security
Organizations are experiencing an increase in the number of employees using mobile devices to get their work done while on the move. Managing an ever-expanding fleet of mobile devices while ensuring end-to-end data integrity is a difficult task for any organization.

Securing the Gateway to Your Enterprise: Web Services
With the advent of Web Services, backend systems running in data centers and mainframes are available in well-published Web Service APIs. As a result, developers, architects and administrators become more concerned about the security of Web Services.

Adding “Kick” to Your Remote Access Security Policies with Intelligent Application Gateway 2007
One of the key concerns network administrators face is how to ensure the security of an application and its data when the administrators no longer control, and therefore cannot trust, all of the computers that are used to gain access.

User Account Control and SQL Server
Windows Vista includes User Account Control (UAC), a new feature that helps administrators manage their use of elevated privileges.

Six Easy Pieces for Computer Security
Computer security has substantially evolved over the last fifty years. The early computer systems of the 1940s and 1950s had no security at all, and for a variety of reasons that worked fine. But today’s computer systems exist in a different world.

Read the EULA.... No, Really Read It
Those who know me and my views on privacy might describe me as “detail oriented,” if they were being polite. I’m the type of person who reads every word of every End User License Agreement (EULA) and privacy statement before deciding if I want to take part in whatever service or application it is.

Improving Management of Client Anti-Malware Solutions
As if the challenges of scanning, detecting, and removing malware weren’t enough, IT professionals have the difficulty of integrating a client protection solution into their existing infrastructure and managing this solution.

Making SharePoint Resources Safe for Remote Workers
Collaboration has become an essential force in the workplace as groups of colleagues work together to solve problems, complete projects, and perform other essential day-to-day business operations.

Why Create a Security Incident Response Process
Combating malicious software in your environment isn’t just a matter of implementing the right technology solutions. Like all things in the IT world, effectively combating malicious software is a solution that combines those three classic, critical elements: people, processes, and technology.

Updating Your Deployment with RMS SP2
This article provides information to help you install Windows Rights Management Services (RMS) with Service Pack 2 (SP2) in an organization with an existing RMS deployment. Organizations that are deploying RMS for the first time can deploy RMS with SP2 by following the guidelines in Planning an RMS Deployment and Deploying an RMS System in this same documentation collection.

How to Set Up a Wireless Network with a Security Infrastructure
Due to the nature of wireless LAN networks, implementing a security infrastructure that monitors physical access to the network is difficult. This document provides step-by-step instructions on how to set up a wireless network using 802.1x and Wi-Fi Protected Access.

Hardening Guide for Microsoft Windows Rights Management Services
Microsoft Windows Rights Management Services (RMS) is a product that allows you to assign and enforce content use policies on e-mail messages, documents, and other objects controlled by an RMS-enabled application. The protection offered by RMS is embedded into the content when it is rights-protected and stays with it regardless of where it goes.

Ten Tips for Designing, Building and Deploying Server and Domain Isolation
Server and Domain Isolation (SDI) is a great solution for protecting your systems and your information against network attacks. SDI uses Internet Protocol Security (IPsec) for host authentication and network traffic integrity (and optionally encryption), ensuring that untrusted computers plugged into your corporate network -- maliciously or not -- cannot introduce worms or make targeted attacks to your servers, desktops, and notebooks.

BitLocker™ Drive Encryption and Disk Sanitation
What happens to the data on a hard disk when a PC reaches its end of life? This is a very important question for many organizations and is a growing concern among security experts and corporate executives.

Quarantine Control for VPN Roaming Clients in ISA Server
Microsoft® Internet Security and Acceleration (ISA) Server 2006 and ISA Server 2004 provide virtual private network (VPN) security functionality for roaming clients. As part of this functionality, you can establish granular control over newly connected clients, placing them in quarantine until they meet corporate connectivity standards.

Improve the Security of Remote Access to Exchange Server with RPC over HTTP
One of the most compelling features of Microsoft Exchange Server 2003 when combined with Microsoft Office Outlook 2003 is the ability to use the Remote Procedure Call (RPC) over HTTP feature.

Finding the Right Security Partner
If you are looking for a partner who has proven expertise in delivering security solutions that can help your business, here are some questions and criteria to consider before making your decision.

IT Audit Process
Audits are a critical component of the regulatory compliance process. In general, it is the auditors who will determine whether your organization is in compliance with the regulations and standards that it must address.

Managing the WSUS Automatic Updates Client Download, Install, and Reboot Behavior with Group Policy
Windows Server Update Services (WSUS) clients can be configured to provide update installation and reboot behavior best suited to your environment and your business needs.

Microsoft Certificate Lifecycle Manager Beta 1
Microsoft Certificate Lifecycle Manager (CLM) is tightly integrated with the Active Directory service for authentication and authorization. Beta 1 of CLM was released in February and is available publicly.

Internet Explorer 7 Helps Users Fight against Phishing
Microsoft Internet Explorer 7 has many new features that will help protect users against such attacks. One such feature is Phishing Filter.

Administrating the Administrators
In many organizations there are multiple network administrators that either do not need or should not have access to network resources that are not meant to be under their control.

ISA Server Port Scan Alerts
Since the dawn of ISA Server time (2000, if you haven’t been watching), ISA Server administrators have received practical but often confusing notifications of “all port scan” and “port scan” intrusion attempt alerts.

Virtual Private Network Quarantine
Although a virtual private network (VPN) provides secure access by encrypting data through the VPN tunnel, it does not prevent intrusions by malicious software, such as viruses or worms that initiate from the remote access computer.

Rootkits: The Obscure Hacker Attack
Rootkits are nearly undetectable and they're almost impossible to remove. Although detection tools are proliferating, malware developers are constantly finding new ways to cover their tracks.

Ten Tips for Designing, Building, and Deploying More Secure Web Applications
This paper provides an introductory set of guidelines for designing, building, and deploying Web applications and services in a more secure manner.

Security and Compliance Solutions Guidance
The Microsoft Security Solutions and Compliance (MSSC) team creates prescriptive guidance to help IT professionals stay one step ahead of security issues.

Dealing With Multiple Identity Stores
As soon as a network environment has more than one location to store digital identities, the problem of how to manage multiple identities emerges.

The Urgent Need to Implement E-Mail Authentication
A value proposition for senders, users, and domain holders.

Phishing Hook, Line and Sinker
Here are some quick tips to help you avoid getting hooked by a phisher.

Making Web Browsing More Secure
How to make Web browsing more secure by doing a few simple things.

It Seems So Easy to Gain Access: Social Engineering
Hackers use the term social engineering to describe the art of persuading people to divulge information, such as account names and passwords.