Site Security Planning

Why Is Security Difficult?

When developing priorities for site security, keep in mind the organization, as well as its assets that must be secured. You must provide extensive access to the same assets you are trying to secure. Balancing these two requirements makes creating effective security measures difficult, particularly on a limited budget. Use the following general rules for deploying and securing the assets on your site:

1. Make each asset accessible to everyone who should have access to it, whenever they need it.
2. Protect each asset from intrusion by anyone who should not have access to it.

The first rule promotes awareness that the organization’s mission is something other than security. The second rule suggests an effective approach to developing security policy: a least-access approach.

© 1997-1999 Microsoft Corporation. All rights reserved.