This situation — there is a server running Windows Server 2003 R2
Maintains the internal network of the enterprise through his company gets the Internet. To it through RDP sometimes external clients (a client list is limited and permanent)
I don't have much experience in administration. Documentation of course necessary, if you work with it seriously enough, it'll be, but, of course, not immediately. (And I probably will not be his to administer, but it already details)
Please the hive mind: please, please, what the basic points at the start to pay attention to understand — enough protected by the server or not. Well, there is, for example, is disabled for Guest entry, complex passwords for users, filter the IP all of that.
Thanks in advance