If you have a small or medium sized network and started the process of doing a security review, you might be overwhelmed by the amount of security information out there. What should you do first? Lock down file shares? NTFS permissions? Put together a PKI? Clean up your Active Directory? Figure out how to best audit file and Web access? Deploy AV and AM software?
Network and computer security is a very deep and wide subject and its impossible to do everything at once. That's why we always say that security is a process - a daily process of thinking about security issues, planning to implement security improvements, implementing them, and then monitoring their effectiveness.
But the first step is to get past the temptation to throw up our hands in frustration. Get help you get started, check out this nice short article called Six Easy Pieces for Computer Security. This article will help you get started on your security journey of a thousand miles
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer