Re: Scheduling NTBackup to mapped drive

  • From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 5 Aug 2004 14:30:41 -0700

> You should leave the user logged in. Meaning, you
> should LOCK the computer using ctrl-alt-delete, therby
> securing the server and maintaining your mapped
> drives.
> I do that for all 110 of my servers. If you leave it
> unlocked and logged off, anyone can log into it
> creating a huge security problem.

THAT is a big item for discussion. IMHO, leaving the server logged on,
whether or not locked, is a security risk. Any thing that can fire from the
server with a user logged in will run under the permissions of that user. If
no one is logged in, they first have to authenticate.

If you consider a computer sitting there not logged in a security risk, time
to look at user access policies and password policies.

John Tolmachoff
eServices For You

Other related posts: