Enhancing Five Key Areas of Windows Security could help organisations to bolster security without additional spend, according to the consultancies.
One strategy outlined in the document is to improve authentication by substituting easy-to-guess passwords with "pass phrases", which are generally easier to remember and harder to break.
The paper also examines how organisations can use Microsoft Windows Server Update Services to deploy security updates, and the Microsoft Baseline Security Analyzer to check for successful deployments.
"A lot of people spend so much on patch management solutions when there's so much out there that is free these days," said Comsec UK general manager Stuart Okin, who was previously Microsoft UK's chief security advisor.
Comsec also advises firms on how best to use IPsec to ensure workstation or server isolation, thus ensuring that valuable corporate systems are protected from unmanaged or non-compliant clients.
"This can limit all sorts of attack scenarios, and it's free of charge," said Okin. "Security gets enhanced and people can look at the technology they've bought and ask themselves if they actually need to renew their licences, or at least consider it."
