T 2.31 Inadequate protection of the Windows NT system

Windows NT is supplied with very extensive access rights to the file system and to the registry. If these access rights are not set out more strictly after installation according to local security requirements, every user effectively has access to all files and to the entire registry, i.e. access protection is eliminated de facto.

Furthermore, Windows NT is not able to check access to floppy disk drives, CD-ROM drives and tapes. As a result data can be imported and exported improperly if access to these data media has not been restricted or at least checked at an organisational level by additional safeguards.