Backup is a fairly antique part of IT nowadays. The trend over the last year or so seemed to be real time backup to SANs at huge cost in terms of infrastructure. Now Microsoft has announced that they are going to put forth an offering that will not only bring this solution down to smaller orgs, but will also allow users to do their own recovery.
This is huge! Just like the telcos are seeing their revenue evaporate in the wake of VOIP I would hate to be selling a traditional backup suite.
Alot of sources say that you should rename your administrator account on your windows systems and windows network. While I agree with this wholeheartedly, you need to take the war to the hacker.
First, renaming the administrator account to admin or adm or something equally obvious when seen doesn’t cut it. You need to get evil. If you rename the account (and you should) then rename it to something indistinguishable from the rest of your accounts. Remember that internal threats are real and your uses can usually see the entire user list. Pick someone you went to school with that will never work for your company (at least not while you work there) and rename the administrator as if it were that person’s account according to your standard naming practices. SJones for instance for Susan Jones. Also fill out the record with a description, etc. For larger companies you want to make this impossible to discern by a typical user from someone working in a remote office or maybe a temp that never got deleted. Understand that this is easiest when you first setup the machine or network, but can be done long after if you can bring yourself to do away with using the Administrator account for services or regular network maintenance.
So now you have an administrator that no one can identify from just looking at the user list. The SID for the administrator account is still the same and we can’t do much about that, but we take what we can get.
Next move is to create a new account named Administrator. Give it a nightmare password (14 or more characters with mixed case and symbols everywhere) and then turn on auditing for failed logins at a minimum. Now you have setup a scenario where no one has any business using the administrator account for anything except hacking.
If you follow this tactic for all privileged accounts so that Exchange runs under MKelly and SQL Server runs as PRobinson then you have just taken a lesson from Sun Tzu and applied it to your system security. Machiavelli would be proud!