Dr. Thomas Shinder makes some excellent points about how difficult it can be to enact good security. Even something as seemingly straightforward as installing Windows Server 2008 Core to reduce your attack surface can harbor hidden perils. What hidden perils? Well, misconfigurations are inherently more common when managing a server strictly though the command-line interface (CLI). But, the good doctor says it far more eloquently than me. Check out this post as well as several other high quality posts on Dr Shinder's Windows Security blog.