Here are free guides from Microsoft to get your IT security staff ramped up.
The Security Monitoring and Attack Detection Planning Guide
describes how to plan a security monitoring system on Windows-based
networks that can detect attacks that originate from internal and
Smart cards provide particularly
effective security control in two scenarios: to secure administrator
accounts and to secure remote access. We use them here at Microsoft.
The Secure Access Using Smart Cards Planning Guide details these two scenarios as the priority areas in which to implement smart cards.
The Administrator Accounts Security Planning Guide
provides prescriptive guidance on steps you can take to secure your
local and domain-based administrator-level accounts and groups.
Once you have the admin account locked down you will want to read the Services and Service Accounts Security Planning Guide.
This guide addresses the common problem of Windows services that are
set to run with highest possible privileges, which an attacker could
compromise to gain full and unrestricted access to the computer or
domain, or even to the entire forest.
Finally, you should read the Implementing Quarantine Services with Microsoft Virtual Private Network Planning Guide.
This guide describes the challenges in and benefits of planning and
implementing quarantine services with VPN through the new features
available in Microsoft Windows Server 2003 with Service Pack 1 (SP1).
From Tonyso's Technet Blog.