Академический Документы
Профессиональный Документы
Культура Документы
Name
Institution Affiliation
MANAGING DESKTOP SECURITY 2
Each organization faces security threats, and the types of security threats that affect
one organization most can vary completely from another. The one thing that is common to all
organizations is the need to keep their apps and devices safe. These devices must comply
with the organization's safety standards (or safety baselines). In order to help increase
flexibility and reduce costs and complexity, Microsoft suggests that companies adopt a well-
known and well-tested industry-standard security model, such as the Microsoft Security
Baselines, and stick to well-known and proven solutions, as opposed to creating a custom
configuration template for itself. Group policy is a Microsoft Windows Active Directory
feature that adds additional user and device account controls (Dalton & Curtis, 2001). Group
policies provide user computing environments with centralized management and operating
systems settings. Group policies are another way to secure user computers from intrusion and
infringement of data.
There are some basic group policy settings that can make your network far more
secure than without them if properly configured. By configuring computers' security and
functional actions through Group Policy (a group of device registry settings), you can make
your organizational network safer. Through Group Policy, you can prohibit users from
accessing specific resources, running scripts, and performing simple tasks such as requiring
I being the most technical employee in the organization and needed to tackle and
provide group policy recommendations that would protect the organization from insider
network attacks could be avoided if the end user of the system was not logged in as a member
of the group of administrators. Administrators also give local administrator privileges to end
MANAGING DESKTOP SECURITY 3
users so that they can install or run programs on their computers, but if you do this, you give
away the keys to the kingdom (Greene & Tim, 2009). By not allowing regular users to have
administrator rights, you can prevent the installation of new programs. Normally, non-
2. Rename the Administrator and other Highly Privileged Accounts - Most threats are
computerized and are programmed to search for Administrator accounts. Although the well-
known administrator SID cannot be modified, most malware and hackers are not operating at
SID level. Rename sensitive accounts that seem to be a regular user account. Then create fake
replacement profiles, even the default descriptions are simulated. Restrict these accounts
heavily and provide them with long, complex passwords (15 characters or more), then check
3. Use firewalls and antivirus, antispam, and antispyware solutions - Each PC should be
protected by a firewall that is host-based, or personal. Windows Firewall (or ICF) is the best
firewall for the job. By default it will reject all incoming connections that were not initiated
by an outgoing connection before. This feature defeats the door beating malicious mobile
software. Although firewalls and antivirus software will not block all bad programs from
entering your computer, they are doing a good job of preventing most of the threats.
executable files that an attacker is far more likely to use maliciously than a trustworthy user is
legitimately. Delete the ability of non-admin users to read and execute certain files while
checking the NTFS permissions. (For all authenticated users, all files in Windows and
System32 directories are allowed to be read and executed by default.) Make sure you only
5. Screen saver timeout and password protect the screen saver – When the computer is
not in use for quite pattern of minutes, would adjust it on how it would timeout within set
minutes patterns, and workers would be required to enter a login password so that they can
continue accessing the computer. This would limit cases of other casual employees with other
Having these policies would see numerous adjustments to the organization way of
protecting information, and minimizing cases of insider threats that would sabotage the
operations of the organization. Among the preventions met by this policies would be;
Ease of management
Folder restrictions
References
Dalton & Curtis. (2001). Managing Remote Desktop Firewalls. To protect your network and
its remote client systems, you must face and tackle the daunting task of building a remote
Greene & Tim. (2009). IBM software to ease multivendor security management; IBM is
introducing software that lets customers manage multivendor desktop security agents via a