Identifying User Categories and Their Security Needs and Risks

Your network infrastructure is in place to serve people for the benefit of your organization. For the purposes of discussing network security strategies in this chapter, these people are divided into four network user communities:

Everyone   This category includes all people accessing your network from any organization or location, which could include staff, users, and partners. They generally cannot easily be identified reliably and must, therefore, be considered anonymously.

Staff   This group includes all people who work for your organization. They can be easily identified using standardized internal procedures. Typically, they use company e-mail and your intranet.

Users   This group includes staff who use applications to accomplish business functions.

Partners   This group includes people from any organization or location who have a special relationship with your organization. They are prepared to follow standardized procedures so that they can be identified. They might use facilities similar to staff and users. They are often considered to be part of an extranet.

The network security strategies presented in this chapter address the needs and risks of each category of network user and detail approaches you can use to satisfy their needs while minimizing risks. In addition, you will find an overall strategy for security in general and an overall strategy for network security infrastructure.

© 1985-2000 Microsoft Corporation. All rights reserved.