Archive for the ‘Active Directory’ Category

Are you able to instantly identify who has access to the sensitive data in your Active Directory? Sometimes, answering “who has access to what?” in your IT environment can be difficult. Knowing who has permission to what enables IT teams to ensure that the right users have the right levels of access to the right data. This is a critical part of ensuring the principle of least privileges, where users … Read more

Active Directory controls access to your critical systems and data, so is the ultimate target for hackers because it holds the keys to your entire kingdom. Here are 10 steps you can take to ensure that your business stays protected. 1.Physical security Domain controllers (DCs) should be placed in a physically secure location. Once physical access is gained, protections you have in place can potentially be overridden. 2.Deploy RODCs where … Read more

People generally think that auditing and monitoring are the same thing and, in some ways, they are. The differences between them are subtle, but important none-the-less. In short, auditing is done by auditors, and it is the auditors responsibility to make use of the available technology to aggregate and present the log data in a way that that can be understood and “monitored” by administrators and managers. While most modern … Read more

In every organization, Active Directory administrators need to be able to produce detailed reports on user access, object modification, privileged user activities and more. The reason for this may be down to external compliance requirements, IT security, litigation purposes or a combination of all three. Depending on the requirement, the urgency of such reports may vary. For example, if you are tracking Active Directory activities in order to maintain network … Read more

Misconfigured Domain Controllers (DCs) present a major security risk for Active Directory. To ensure that your Domain Controllers are configured correctly, you will need to closely review the default Domain Controller Policies, create Domain Controller GPOs (Group Policy Objects) and configure Group Policy Settings. Your policy will need to include patching and protecting Domain Controllers, and include an effective DC auditing strategy for monitoring and reporting changes to event logs. … Read more

Attackers are persistent in their pursuit to compromise Active Directory services due to their role in authorising access to critical and confidential data. As organisations expand, their infrastructure becomes increasingly more complex, which makes them a lot more vulnerable to attack as it is harder to keep track of important system changes, events and permissions. It’s also becomes a lot harder for organisations to determine where their sensitive data is … Read more

The overall cost to the UK economy from cyber-crime alone is well over £20 billion, and businesses are the ones that feel the effects the most. Every year we see stories of network attacks, yet it appears that many businesses are still not taking steps to mitigate the risks. Surveys suggest that most companies that face a significant security breach go out of business within a year. The average cost … Read more

The Active Directory is one of the most important security mechanisms for any Windows network. The Active Directory contains everything from user accounts and password policies, to group policy settings. As such, most organizations put considerable effort into determining which Active Directory settings will best meet the organization’s security requirements. Even so, all of this careful planning can be undone by configuration drift. Configuration drift happens when changes gradually occur … Read more

For organizations that use Windows Server, nearly all authentication and access control related tasks are tied to the Active Directory. Additionally, application configuration information is also sometimes stored in the Active Directory. Given everything that the Active Directory does, it would not be a stretch to think of the Active Directory as being the glue that ties all of an organization’s IT resources together. Because the Active Directory is such … Read more

In view of the rapidly increasing security risks IT enterprises are facing, securing the Active Directory from privilege misuse and abuse has become a global concern. Domain administrator rights are often granted to Active Directory users with to allow them to accomplish various tasks inside or outside of the network. However, giving large numbers of users privileged access can be problematic – occasionally leading to privilege abuse in the form … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2017 Lepide Software Private Limited. All Trademarks Acknowledged.