Don’t forget to secure your UPS!
Here’s a security precaution you may not have thought of before. Syskey is supposed to be a great way of securing a Windows server against physical attack. But I’ve actually heard of thieves breaking into a server room and stealing a server *with* the UPS backup power supply still attached to it. The idea is that the server is still turned on so when they get back to their hideout they can try various over-the-network brute force attacks on the server to compromise its Syskey machine key, yikes! The moral of the story? Make sure this scenario isn’t possible somehow, maybe by isolating your UPS in a separate room or welding it to the floor or something similar.
Mitch Tulloch was the lead author for the Windows Vista Resource Kit from Microsoft Press, which is THE book for IT pros who want to deploy, maintain and support Windows Vista in mid- and large-sized network environments. For more about Mitch, visit his website www.mtit.com