Introduction

Several years ago security was often an afterthought, and when it was implemented security was usually lax. However, with the increasing importance that businesses place upon the data that is their business, and with the increasing number of hackers, crackers, exploits, viruses, worms, and Trojans, security has become an industry, and it is all of your responsibilities.

Windows XP has many security features built into the operating system that fall into three major categories: file system security, account security, and network security. File system security includes file and folder permissions and the Encrypting File System (EFS). Account security includes Security Groups and Security Policies. Network security includes the Internet Connection Firewall (ICF), TCP/IP Filtering, smart cards, Extensible Authentication Protocol (EAP), and 802.1 x security. Throughout this chapter, we examine each category in more depth and review some suggestions for making your systems secure.

Determining an appropriate security policy for your particular environment is a complex process and is, of course, dependent upon your resources and requirements. Some environments may require a lower level of security than others, and some may require a very high level of security. In this chapter, we take a look at some of the available security options and how to use them.

File System Security

Our first look at security begins with file system security, because it is the most basic way to protect your confidential files and prevent unauthorized users from tampering with your systems. The NTFS file system provides the capability to...