Maintaining a Secure Environment
You have diligently hardened all your servers and applications and followed all of the security best practices in setting up your farm and sites—so now what? Without proper maintenance, your secure site will not stay that way for long. If someone asks, "Are we secure?" the correct answer is "Let me check" (unless you know you have security issues, in which case feel free to say "No"). Your site and network may be secure at this moment, but things in security change very rapidly and you could be vulnerable minutes or days after an update.
Patch Management
The foremost security concern of Windows Server and Office SharePoint Server administrators should be patch management. Ensuring that security patches for Windows Server, Office SharePoint Server, Microsoft SQL Server, etc. are applied to every server in a prompt fashion will go a long way toward keeping your Office SharePoint Server environment secure.
You should implement a patch management solution to ensure patching is done on a timely and consistent basis. Microsoft offers solutions such as Windows Server Update Services (WSUS) and Microsoft Systems Management Server (SMS), and there are other solutions that handle patch management (among other things) are also available from third-party vendors for a fee.
For further information on WSUS, visit the following URL:
| http://www.microsoft.com/windowsserversystem/updateservices |
Vulnerability Assessment
You should perform periodic basic vulnerability assessments ...
Get SharePoint 2007: The Definitive Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
