Administering Trustworthy Computing

As developers, administrators, and consumers rely increasingly on global connectedness, an ever greater need for security has inspired the Microsoft Trustworthy Computing initiative. The Microsoft product teams have embraced this initiative and its challenges and are committed to providing you with the most secure computing environment possible. In keeping with that commitment, this version of the Component Services administrative tool enables you to set the software restriction policy for your COM+ applications, as well as allowing you to easily configure role-based security for your COM+ partitions and applications.

However, trustworthy computing cannot be achieved by software alone. It also requires a commitment on the part of developers and administrators to understand and anticipate the potential vulnerabilities of their systems and applications. While the demands of your computing environment may require its own particular, proprietary safeguards, the following list offers useful guidelines for security best practices:

• Restrict physical access to computers, especially domain controllers, to trusted personnel.
  
  
• Enforce the Principle of Least Privilege by granting only the permissions necessary for a given task.
  
  
• Define groups and their membership and set default access levels in accordance with their defined roles.
  
  
• Use strong Access Control Lists to secure data on your computers.
  
  
• Use strong passwords throughout your organization.
  
  
• Never download or run programs that come from untrusted sources.
  
  
• Keep your virus-detecting programs up-to-date.
  
  
• Keep all security patches up-to-date.

For detailed information about applying these practices in the Microsoft® Windows® Server 2003 environment, as well as an overview of security and new security features, click Start, click Help and Support, and then click Security.

For more information about using the COM+ Security services, see Administering Application Security.