Comsec Consulting And XTSeminars Reveal Top Five Enhancements To Secure Windows IT

• Advisory paper outlines five key areas of IT security to address in Windows environment, utilising technologies existing in the workplace.

London, 16 April 2009 – Comsec Consulting, a European market leader providing  information security consulting services, and XTSeminars, a world class IT training consultancy, today reveal the five key areas of security within the Microsoft Windows environment regularly overlooked by the IT profession.

Based on the Advisory Paper entitled ‘Enhancing Five Key Areas of Windows Security - Utilitising Technologies Existing in the Workplace’, launched today by Comsec Consulting and XT Seminars,  the advice for enhancing security on the Microsoft platform will appeal to any organisation dedicated to securing its business, without additional spend on new technologies.

The advisory paper examines some of the frequently overlooked and underutilised technologies inbuilt on the Microsoft platform which can enhance an organisation’s security posture, including:
• Password strength
• Administrative access
• Updates Management
• Security lockdown through group policy
• Unmanaged and noncompliant clients

John Craddock, Infrastructure and Security Architect, XT Seminars says “Often, solutions are developed that are narrowly focused and do not take advantage of technologies that have already been purchased as part of an operating system licence. Worst of all, in some instances, organisations have burnt their precious IT budget purchasing additional products to perform functions which are already inbuilt. In today’s climate we cannot afford to make those kinds of mistakes.”

Stuart Okin, Managing Director, Comsec Consulting UK, says “Due to the current economic climate, business priorities are shifting and areas such as spend on security may be under pressure, when in reality the threats are on the increase.  In my experience, many organisations needlessly try to seek out the best of breed security solutions, as many of the features required are already available to them.  In this time of financial cutbacks and budget restraints, our advice is for these companies to ensure that the ‘free’ enhanced security functionality that is built into Windows and its associated resource tools, are not being overlooked and are actually providing the value that they are supposed to.’

The paper examines 5 key security enhancements, summarised here:

• Password strength – The problem with weak passwords is that they can be easily guessed. Even if the authentication protocol is using Kerberos it is possible to capture the Kerberos pre-authentication packet from the network and perform an offline dictionary attack. STRONG passwords are a must. But how do we get users to remember them? The solution is to forget passwords and use pass phrases, “£!My*Car Cost 10,000$$$”. Remarkably strong and you will be surprised how easy pass phrases are to remember.

• Administrative access – There is one mantra by which all administrators should abide “Never logon to a system with more privileges than needed to do the task in hand”, this is the principal of least privilege access. In some situations this is easier said than done. The paper highlights a potential risk for domain joined computers and provides a simple solution using group policy to manage “Restricted Groups”.

• Update Management – It is evident from the number of systems still being successfully attacked that updates are still not being effectively managed. The Advisory Paper looks at the use of the Microsoft Windows Server Update Services (WSUS) for managing the deployment of updates and the use of the Microsoft Baseline Security Analyser (MBSA) to check for successful deployments. The use of virtualisation and Server Core is also examined with a view to simplifying update management and security lockdown.

• Enhance security through group policy – group policy provides an often underutilised vehicle for security lockdown. Combine group policy with the GPO Accelerator and guidance from the Security Compliance Management Toolkit Series and you have a winning combination.
   
• Securing unmanaged and noncompliant clients – If a client not joined to our domain then it is considered to be unmanaged. It is likely that there will be a number of unmanaged systems on our network; they may belong to developers, consultants, visitors or even hacker. We need to protect our valuable corporate resources form these systems. The simplest way of achieving this is through the use of IPsec. In the paper we look at the use of IPsec to provide both domain and server isolation. Network Access Protection (NAP) was introduced with Windows Server 2008 and we examine its use for managing computers that are not compliant with our corporate network health policy.

For a copy of the Advisory Paper, entitled ‘Enhancing Five Key Areas of Windows Security, Utilising Technologies Existing in the Workplace’ please visit www.comsecglobal.com/events.aspx or www.xtseminars.co.uk.

To view exclusive video footage of Stuart Okin, Comsec Consulting and John Craddock, XT Seminars, discussing the five key areas of windows security to enhance, visit www.virtuallyinformed.com.