Read this story about Jerome Kerviel, and get worried.
According to news reports this guy:
That's all pretty general - but, uh, when was your last security audit?
Some stuff from Microsoft that'll help you:
“The Microsoft Security Assessment Tool, known as MSAT, is a free tool in that is localized in 16 languages. It is designed to help small to midsize organizations assess security weaknesses in their current IT environment. MSAT consists of over 200 security questions using a Defense-in-Depth framework reviewing the organization's infrastructure, application, operations, and personnel. From the assessment, customer's gain great insight into their security posture through a comprehensive report that consists of Microsoft and industry noted recommendations to help them prioritize their security activities. Partners can leverage this tool to provide additional value added security services for their customers and gain partner points for uploading encrypted customer results. For more information on the Microsoft Security Assessment Tool and the download location go to the Technet Security Tools website.”
Threats and Countermeasures Guide. "The Threats and Countermeasures guide provides you with a reference to all security settings that provide countermeasures for specific threats against current versions of the Windows operating systems. Many of the countermeasures that are described in this guide are not intended for specific computer roles in the companion guides, or in some cases for any roles at all.
The Windows Server 2003 Security Guide, which is available at http://go.microsoft.com/fwlink/?LinkId=14845, "provides specific recommendations about how to harden computers that run Windows Server 2003 SP1 in three distinct enterprise environments—one in which older operating systems such as Windows NT 4.0 and Windows 98 must be supported, one in which Windows 2000 is the earliest version of the Windows operating system in use, and one in which concern about security is so great that significant loss of client functionality and manageability is considered an acceptable tradeoff to achieve maximum security. "
The Windows XP Security Guide, which is available at http://go.microsoft.com/fwlink/?LinkId=14839, provides specific recommendations about how to harden computers that run Windows XP with SP2 in three distinct environments:
Oh, and if you havent already, you'd better start looking at deploying Vista SP1 and Windows XP SP3.
Are you still reading? How about these?