Securing Microsoft Services

by Mark Burnett Sept. 1, 2017 via Symantec

Shut off unnecessary services. It is sound advice that is preached in just about every security book, checklist, or training class. But all too often the advice ends there, leaving systems administrators to wonder what exactly is an unnecessary service and how best to shut it off. Sure, it’s easy enough to click on "Administrative tools" then "Services" to view the available services. And it's easy to double-click a service you do not use and set the "Startup Type" to disabled. But is there more to securing services than just that? A service is an application that runs in the background, independent of any user session. Because services run unattended at startup, they are well suited for server-type applications such as a Web server. But this also has its drawbacks, because a user may not be aware that a service is running. Without any user interaction, one could be running a number of default services and never be aware of the potential security risks.

https://www.symantec.com/connect/articles/securing-microsoft-services