----------------------------------------------------------- SearchWin2000.com's Security Tip ----------------------------------------------------------- TODAY'S SECURITY TIP: Organizing group accounts ============================================================ Sponsored by VeriSign - The Internet Trust Company ============================================================ Do you need to encrypt all your online transactions? Secure corporate intranets? Authenticate your Web site? Whatever security your site needs, you'll find the perfect solution in this FREE Guide from VeriSign, "Securing Your Web site for Business." Get your copy today to learn the facts! Click here! http://www.verisign.com/cgi-bin/go.cgi?a=n094540330003000 ============================================================ Tips Summary "Organizing group accounts" By Adesh Rampat A network administrator has to deal with the following scenario: The company has just reorganized its department staff into various other departments. These staff members in the new departments are now performing different job functions. For example, an employee who belonged to the human resources department is now relocated to the accounts department. The network administrator must now reorganize the network group accounts to reflect the new changes. The above scenario takes place continuously in the corporate world and the network administrator must always have the network group accounts current in order to eliminate any duplicate user accounts as well as duplicate group accounts because after the restructuring process some users will still have access to their previous shares. This can result in malicious attacks depending on the employee's state of mind. The following steps can be taken to keep someone who no longer belongs to a group account from accessing protected information: -Most importantly, when new users are added to group accounts auditing must occur initially on a regular basis (refer to Auditing using Win2K). -The use of group policies should be used to assign permissions as needed. Creating a user group is much easier to manage than individual user accounts. -Do not have any group accounts representing departments that no longer exist. This allows for greater manageability of the group accounts. -The network administrator should ensure that all user access for previous shares be removed. As in the scenario above, if the user who belongs to the human resource department was handling confidential information and gets relocated to another department, then the network administrator should make sure that all shares that pertain to this user are removed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Adesh Rampat has 10 years experience with network and IT administration. He is a member of the Association of Internet Professionals, the Institute for Network Professionals and the International Webmasters Association. He has also lectured extensively on a variety of topics. ======================================================== Did you like this tip? If so (or if not), why not let us know? Send an email to us at mailto:[EMAIL PROTECTED] and sound off. ======================================================== Featured Book ======================================================== "Admin911: Windows 2000 Group Policy" Author: Roger Jennings Publisher: Osborne Published: Nov 2000 Plan, design, test, roll out, and troubleshoot the policies available for managing your enterprise network with help from Admin911: Windows 2000 Group Policy. This practical and concise handbook contains all the critical information you need to solve problems quickly and keep your network running smoothly and efficiently. http://www.digitalguru.com/dgstore/product.asp?isbn=0072129484&ac_id=73 ==================================================================== SECURITY ANSWERS -------------------------------------------------------------------- Need answers to security questions? Visit the new searchWindowsManageability security forum and start a discussion! http://searchwindowsmanageability.discussions.techtarget.com/WebX?50@@.ee84c8a ==================================================================== CERTIFICATION EXPERT IN FORUM -------------------------------------------------------------------- Looking for a certification guru? Then don't miss Ed Tittel, searchWin2000's Certification Expert in the Administrator Discussion Forum this week at http://searchwin2000.discussions.techtarget.com/WebX?[EMAIL PROTECTED]^[email protected]. You can catch him live Tuesday from 2-3 p.m. EDT and on Thursday from 10-11 a.m. EDT. ======================================================== If you would like to sponsor this or any TechTarget.com newsletter, please contact Mike Kelly at mailto:[EMAIL PROTECTED]. ======================================================== If you no longer wish to receive this newsletter simply reply to this message with "REMOVE" in the subject line. Or, visit http://searchWin2000.techtarget.com/register and adjust your subscriptions accordingly. If you choose to unsubscribe using our automated processing, you must send the "REMOVE" request from the email account to which this newsletter was delivered. Please allow 24 hours for your "REMOVE" request to be processed.
