Christian Buettner-167247 (9/23/2013)
So if you don't need the features that rely on guest access, you can disable it in msdb?
So the correct answer should be "It depends on the security requirements"?
The correct answer should always be "it depends."
I also think that "it depends". Especially since you can grant connect permissions to the users directly (instead of relying on guest) if you really want to harden the system.
And you have no (known) issues if you do not use SSMS or OCS at all for your super secure production system 😉
I'm not sure that the _correct_ answer should always be "it depends" but the _kneejerk_ answer usually is.
I don't like questions with subjective measures like "is it a good idea to ..."
Even "best practices" evolve over time. I know.. QotD is explicitly 'now' but I'm being pedantic. 🙂
btw, I didn't see anyone answer why guest has so much access by default. On the same front, why does "public" even exist? (oh right, else there would be free-for-all naming of the "everyone" or "don't bother me about security" group)