The following are best practices from this chapter:
Customize security templates to ensure that application and operating system functionality are not broken or negatively affected.
Use security templates provided by Microsoft, the National Security Agency (NSA) or the National Institute of Standards and Technology (NIST) as baselines for customizing the organization's security templates.
Keep servers and client computers up-to-date with the latest service pack and security updates.
Consult Microsoft, NIST, and NSA security guidelines for securing the operating system.
Use third-party antivirus software.
Authenticate clients to the Exchange Server 2003 messaging infrastructure, using Kerberos whenever possible.
Outlook 2003 users should use Cached Exchange mode if they will be using RPC over HTTPS connections over the Internet.
Combine Exchange Server 2003, Outlook 2003, and third-party features to combat spam.
Block all read receipts.
Implement IRM.
Use S/MIME to encrypt sensitive or confidential messages.