Standard Security Practices for Windows NT (166992)



The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional
  • Microsoft Windows NT Server 3.1
  • Microsoft Windows NT Workstation 3.1
  • Microsoft Windows NT Advanced Server
  • Microsoft Windows NT Workstation 3.5
  • Microsoft Windows NT Workstation 3.51
  • Microsoft Windows NT Workstation 4.0
  • Microsoft Windows NT Server 3.5
  • Microsoft Windows NT Server 3.51
  • Microsoft Windows NT Server 4.0

This article was previously published under Q166992

SUMMARY

Any security breach that requires access to administrative privileges needs to be dealt with using the appropriate security policy. This applies to all commercial operating systems, including Windows NT and UNIX.

MORE INFORMATION

Security is achieved through a combination of technology and policy. In order to maintain a highly secure environment, standard security practices should be followed, including:
  • Only trusted individuals should be granted Administrator privileges on the system.
  • The Administrator account should not be intended for casual use.
  • The Administrator account should only be used to administer the network or domain.
  • The Domain controllers should be physically secured.
  • Maintain a strong password policy. See http://www.microsoft.com/security/default.asp.
  • Rename the Administrator account.
  • Never run untrusted programs while logged in as Administrator.
For more information on other security topics, see the Microsoft Security Advisor site at: http://www.microsoft.com/security/.

Modification Type:MajorLast Reviewed:5/12/2003
Keywords:kbinfo KB166992