Archive for the ‘Auditing’ Category

IT administrators require elevated rights in Active Directory to carry out certain tasks, a fact that we can’t deny. However, should an attacker gain access to a user account in AD with admin-level privileges, they will have free reign to do pretty much anything they choose. They can potentially download a database containing large amounts of PII, or access folders containing valuable company secrets. They may choose to install a … Read more

According to the 2019 Data Exposure Report (DER), commissioned and published by Code42, employees are still considered to be the #1 cause of data breaches. The survey was carried out by independent UK-based research group, Sapio Research, and included 1,028 IT security professionals and 615 business executives from companies across Europe and the United States. When questioned about whether they had experienced a breach, and what they thought was the … Read more

Monitoring file activity is not as straight forward as it sounds. After all, in order to detect and respond to suspicious or troublesome file activity, we need to know in advance what it is we are actually looking for. Below are 8 of the most common scenarios that can compromise either the security or integrity of our critical files, along with a brief summary describing how Lepide Data Security Platform … Read more

In this blog, we will be going through how the AdminSDHolder object in Active Directory can be used in Active Directory attacks. We will also go through what you can do to help defend against AdminSDHolder attacks and how Lepide Data Security Platform can help make this process easier. What is an AdminSDHolder? Essentially, the AdminSDHolder is an object in Active Directory that acts as a security descriptor template for … Read more

Disclaimer – the perfect overall security strategy will include endpoint security. I am in no means saying that endpoint security is worthless. However, in this article I will attempt to justify why I think it is far more beneficial to look at your security strategy from a data-centric standpoint. I believe that many organizations are still adopting old methods of data protection, believing that firewalls, anti-virus and network access controls … Read more

First things first, what is Group Policy? Group Policy is a feature of Windows that facilitates a wide variety of advanced settings that network administrators can use to control the working environment of users and computer accounts in Active Directory. It essentially provides a centralized place for administrators to manage and configure operating systems, applications and users’ settings. Group Policies, when used correctly, can enable you to increase the security … Read more

Active Directory plays such an important part in the makeup of most organizations’ IT infrastructure, that it automatically becomes the first target for attackers. If an attacker gets into one of your user accounts, any you don’t know that it’s happened, it’s only a matter of time before you are the victim of a disastrous data breach (especially is this user account has special privileges). Understanding LDAP plays an important … Read more

Recently we published a blog about five key PowerShell commands that you need to help you better manage Active Directory. As this blog was so well received, we decided to do a follow up. If you want to read the original blog, then click here. Before We Begin Before you get started, you’re going to have to import Module Active Directory. Without importing the corresponding module into the PowerShell session, … Read more

PowerShell was developed so that IT operations and administrative tasks in operating systems like Active Directory could be drastically simplified and automated to save huge amounts of time and effort. PowerShell is able to integrate with services and applications to help administrators get complete control over the management of both clients and servers. With every new update of the underlying framework, PowerShell becomes more advanced and more features become available. … Read more

Auditing any of your critical IT infrastructure is a process that involves collecting information into readable reports, analyzing those reports and taking the required action to ensure the security and integrity of that system. Group Policy is no different. For effective Group Policy Auditing, you need to be able to report on changes in such a way that enables you to take the right steps to ensure restrictions and controls … Read more