Security Top Ten List:

Microsoft Windows NT

 

This list of security standards provides Microsoft® Windows NT® system and network administrators at the University of Michigan with some of the most important actions that they can take to create and maintain a secure network environment. While it is recognized that the unique characteristics of some system configurations may make it impossible to implement all these standards, system and network administrators are encouraged to put into practice as many of these actions as possible.

 

For more information or to offer feedback about these security standards, send electronic mail to security-issues@umich.edu.

 

1. Require or set a password for each individual user.

Make sure that the passwords you choose are secure. Do not use any word that appears in a dictionary, and avoid proper names. (In fact, it’s better to think of a "password" as a "pass phrase.")

 

2. Delete or severely restrict the "guest" user.

 

3. Never delete or change the name of the Administrator account.

Always make one account with security equivalent to the Administrator account.

 

4. Use UNIQNAME or ORG/LOC/# for machine identification.

This will help staff across campus to identify the location of the system easily.

 

5. Implement FTP access with appropriate security.

Limit anonymous access to specific users and/or shares.

 

6. Create shares with specific directory and share-level security only for those users requiring access.

 

7. Implement domain trusts on NT Servers carefully and manage the domain administrators group so that only those users requiring administrative access are members.

 

8. Check the security access to files for Macintosh® shares on NT servers.

 

9. Implement an automatic virus checking program or process.

 

10. Make frequent backups.

Store backups in a secure environment. Do complete system backups, not just incremental ones, on a regular schedule.

 

Microsoft and Windows NT are registered trademarks of Microsoft Corporation.

Macintosh is a registered trademark of Apple Computer, Inc.

 

Copyright © 1996 by The Regents of the University of Michigan

R1412, 6/96