I am trying to secure a medium size business's central server running
XP Corporate. All Users are Password protected as well as all
administrative accounts, BIOS and Chassis are protected, my only
problem is securing safe-mode. Other than the 'ADMINISTRATOR' account
being password protected as well as demoting all users to access below
administrator what other measures can i take to ensure security? I
want the maximum amount of security without concern for, "if you do
this, there's no recovering if you.....?" I understand that it is my
responsibility if a password is forgotten or lost. Thank you in
advance. -J. in california

Here is a list to get you started:

1.  Ensure security patches for your OS and software.

2.  Disable any extra services you do not need.  (several internet
sites exist explaining what each service does)

3.  Use a stateful firewall (one that checks the incoming and outgoing
packets to ensure they are established and/or related)

4.  Use EFS.

5.  Scan the system with nessus.  You can download a free version of
nessus and install it on a linux system.  Nessus will scan your
computer(s) for open ports and vulnerabilities.

6.  Install a virus scanner

7.  Enforce strict policies on what the user can or cannot do through
rules and enforcing what you can through Group Policy.  This extremely
important as most malicious computer attacks come from the inside.

8.  Put the server in a part of the LAN that cannot access the internet

9.  Use WSUS to distribute patches internally.

10. Scan all incoming e-mail for virus infections

11. rename the administrator account

12. Utilize IPSEC

13. Hire someone to audit your network for security problems

I forgot to mention, use something like tripwire to identify changes
in the system files.  This will help detect tampering by other users
or by a virus.