Preventing anonymous access to serviced components
Protecting sensitive data
Authorizing callers by using Enterprise Services (COM+) roles
Using least privileged run-as accounts
Securing secrets in object constructor strings
Auditing from middle tier serviced components
Deployment considerations for serviced components