Best practices for configuring security features in Windows Server have changed in recent years. We've just said an (official) goodbye to Windows Server 2008 R2, and we should be getting ready to say goodbye to Server 2012 R2 as support ends in three years. It's harder for those older servers to deal with today's threats, such as new ways to gain access through tampering with and spoofing code-signing certs.
Here are nine security settings that no longer have the same impact, depending on what server or cloud platform you are using, and the settings or policies you should be using in addition to them or in their place.
1. Old advice: Rename the administrator account
Once upon a time, the main guidance was to rename the administrator account. This was even made into a wizard process on some server platforms. A few years ago, attackers would go after account names, so renaming the administrator account to something else made their job harder. Today, renaming the administrator account is no longer as impactful because attackers can use phishing and harvesting of credentials left behind on systems to gain a toehold in your system.