This Server Configuration Policy is a vital resource for establishing and maintaining secure server settings within a company's structure. It functions as an in-depth guide, outlining standard security configurations, user rights assignments, account settings, audit settings, and network access controls. Additionally, it provides directions for additional hardening steps required for specific server roles and manual security parameters that are not ordinarily configured through group policy.

This policy assists auditors in reviewing server security settings with a detailed framework and baseline of security configurations, audit policies, user rights assignments and system settings. It enables auditors to systematically verify the adherence to prescribed security standards and protocols, ensuring that all servers operate under stringent guidelines to maintain the integrity and confidentiality of data. 

Steps for securing well-known accounts include:

• Renaming the Administrator and Guest accounts and changing their passwords to long and complex values
• Using different names and passwords on each server
• Changing the account descriptions to something other than the defaults to help prevent easy identification of the accounts
• Providing the changes made to the information security manager or the security and compliance office in a secure format