PROCEDURE: DATE: October 21, 2013
SUBJECT: Disabling Unnecessary Functionality
Prepared by: Sherry Hahn, Digital Research and Curriculum Coordinator
Approved by: Dr. Dean O. Stenehjem, Superintendent
purpose of this policy is to establish standards for the disabling unnecessary
functionality of internal workstation/server/network equipment that is owned
and/or operated by Washington State School for the Blind. Effective
implementation of this policy will minimize security risks to
This procedure applies to pc, server (including web) and network equipment owned and/or operated by Washington State School for the Blind, and to servers registered under any Washington State School for the Blind-owned internal network domain.
After installing a Windows Server, any network services not required for the server
role should be disabled. In particular, consider whether the server needs any IIS
components and whether it should be running the server service for file and print sharing.
Disable the following unnecessary services: IPSEC, DNS, DHCP, SNMP, Indexing Services.
Avoid installing applications on the server unless they are necessary to the server's function. For example, do not install e-mail clients, office productivity tools, or utilities that are not strictly required for the server to do its job.
Use Microsoft Security Compliance Manager to establish security baselines for Windows client and server operating systems, and Microsoft applications. Disable unnecessary functionality such as scripts, drivers, features, subsystems, file systems and services as appropriate.
Server For purposes of this policy, a Server is defined as an internal WSSB Server.