When making use of customized Windows images, security should be provided to prevent unauthorized access to sensitive, proprietary or otherwise restricted information.
If Deployment Services are used,, the following steps are advised.
Create a security group; give it name to indicate its users are allowed to install images from your Windows Deployment Services.
In Windows Deployment Services console, select your Windows DS server, open Install Images node, right click on Image Group, proceed to Properties.
On the Security tab make user you grant Read and Execute permissions to the group mentioned and revoke all the rights for all the other users different from SYSTEM and Administrators group. Do the same for all the Image Groups.
The settings applied to Image Groups are automatically propagated to every single image within these groups.
You can also secure images individually.
