TexasCHLforum.com

Windows OS I love.....job security

But really I support nearly 1500 users (engineers no less) in 5 states with about 20 domains from NT to 2003, each has it weakness and strengths.

There are very simple rules to keep your system/network secure, Windows OS or any OS:

1. Hardware Firewalls
2. Users are not local/network admins
3. Do not allow users to load/install programs
4. Run antivirus/firewall (firewall most important on laptops)
5. Push out OS updates and Antivirus updates

Those simple steps will stop 99% of all issues. If you start to "break" these rules then you will have security issues.

You see MS is giving what the public ask for. Sure a small % does not like what MS is doing but MS must be doing something correct if they are a large share of the market. Free Market concepts at it's best.

Brian

You left off the biggest one of all- Change Management. (From your freindly ITIL Foundation certified manager)

Blazen wrote:

Automatic updates are a good thing!

For the most part these are good. At the desktop level, I agree, but at the server level, no. Some of these updates break things. Critical servers I always do by hand, non-critical, I normally let the auto update handle it.

WSUS is a good thing, once you get it set up correctly and you get your GPO's set right as well...

That is a good practice Blazen. I don't know how many times I have seen updates fix minor problems and install major new problems at the same time. In my opinion, it is not limited to servers though. The MS OS of today is somewhat more stable than those of a few years ago. All technology resources are not candidates for full automation, at least not at this stage of technology maturity.

Most of the problems I run into can be categorized as a "short between the keyboard and the user". Some electronic technicians might refer to that as an "open" instead of "short".

Hoppes