A ConfigMgr server as an automatic system in the hands of an inexperienced administrator is a very dangerous tool, and, unfortunately, there have been cases where unskilled administrators have erased all the data on all computers managed by the server.
For this reason, when deploying the server, it is very important to properly secure the server and grant access only to those people who should have access; this needs to be well planned as well.
Securing the environment against unwanted access to data or the console might be done by:
- Turning on encryption of data that is exchanged between clients and the ConfigMgr server
- Turning on HTTPS instead of HTTP and securing the communication between clients and ConfigMgr server using public key infrastructure (PKI)
- Granting proper permissions to the console for users and groups only...