At the time talking about policy and security measures, we tend to think about things like minimum password length and the length of time the log on. Two it is certainly an aspect of security policy and unquestionably should be included in your security guide.
However, try to stay away from questions like "password must be at least eight character". We certainly do not want to use the same security policy between IT staff and other users. IT staff have access to a higher than another user and thus require more stringent security. Similarly, some of the servers storing the information is more important than the other servers and require a more stringent level of security. Because of these differences, it should use the security template.
Security Template is a file containing predefined settings that can applied to a group. One in the security guide, you could have mentioned
- Administrators use template A.
- Manager uses templates B.
- User using templates C.
Next, you can specify the settings within each template. This includes the password length, password expiration, and all other security settings.
You also need to specify the template to be applied to the device. At the very least, you will need one template for workstations, one for members of the server, and one for the domain controller. If you have a server application then you may want to create a template for them. Keep in mind that the template workstation should not allow users to install unauthorized software or deleting system files. Template domain controller must protect Active Directory.
One more step that needs to be done. You should periodically check the contents of the template, and having integrity proven template, use the template to audit the existing setting. Free security you should mention how many times it was done, who did it, to whom the results are given, and what to do if there is any inconsistency.
read more reviews later on label create network documentation
No comments:
Post a Comment