Archive for the ‘Auditing’ Category

The Active Directory is one of the most important security mechanisms for any Windows network. The Active Directory contains everything from user accounts and password policies, to group policy settings. As such, most organizations put considerable effort into determining which Active Directory settings will best meet the organization’s security requirements. Even so, all of this careful planning can be undone by configuration drift. Configuration drift happens when changes gradually occur … Read more

For many organizations, IT operations are driven by regulatory compliance requirements. Systems containing sensitive data must be secured and maintained in a way that adheres to the regulatory requirements. Industry specific applications, such Electronic Health Records systems, are commonly designed with regulatory compliance in mind. After all, the application vendor knows which industry will use the application, and what the regulatory requirements are for that industry, and can therefore design … Read more

For organizations that use Windows Server, nearly all authentication and access control related tasks are tied to the Active Directory. Additionally, application configuration information is also sometimes stored in the Active Directory. Given everything that the Active Directory does, it would not be a stretch to think of the Active Directory as being the glue that ties all of an organization’s IT resources together. Because the Active Directory is such … Read more

In this post, I’ll explain how Privileged Access Management (PAM) in Windows Server 2016 can be used to protect privileged credentials, and provide an outline of the solution’s architecture. It’s common to find IT staff assigned permanent domain administrator privileges, or others that are local administrators on devices used for managing the domain and sensitive systems, making it easier for malicious users to hack line-of-business systems. Adding users to privileged … Read more

Introduced in Windows Server 2008, Access-Based Enumeration (ABE) provides system administrators with an additional tool for protecting sensitive information on file servers. First available as an add-on package for Windows Server 2003 before being available out-of-the-box in Windows Server 2008, ABE prevents users from seeing files and folders to which they don’t have access, which might be useful in cases where folder names contain sensitive information, if the location of … Read more

In view of the rapidly increasing security risks IT enterprises are facing, securing the Active Directory from privilege misuse and abuse has become a global concern. Domain administrator rights are often granted to Active Directory users with to allow them to accomplish various tasks inside or outside of the network. However, giving large numbers of users privileged access can be problematic – occasionally leading to privilege abuse in the form … Read more

Domain, Schema and Enterprise administrators hold the keys to your Active Directory (AD) kingdom, but it’s not uncommon to find organizations routinely issuing new IT hires with domain administrator privileges to expedite access for support purposes, or at best a proliferation of privileged accounts lying dormant and unaudited, giving attackers a potential way in to your systems. If it’s a revelation that domain administrator privileges aren’t required to add, delete, … Read more

In 2016, a lot of emphasis was put on organizations protecting themselves against external security threats – especially in the light of high profile security breaches, including the FBI and World Anti-Doping Agency. However, most enterprise security executives in 2016 experienced a higher amount of attempted theft or corruption of data from internal sources rather than external ones. With this in mind, don’t repeat the same mistakes in 2017 that … Read more

The role of the IT department is multifaceted and constantly evolving. One are that has remained a very important part of the IT department’s role is the regular auditing of critical IT systems. Regular, in-depth auditing helps to streamline systems management, strengthen security and meet regulatory compliance mandates. Given below is a list of points, based on the US government’s NIST (National Institute of Standards and Technology) Cyber Security framework … Read more

Anyone in charge of regularly auditing their organization’s Active Directory knows how difficult it can be to log, filter and recover event details from mountains of raw log data. If you’re reading this, then it is likely that you have decided to go for an automated solution to make things easier. There are many solutions on the market that claim to do similar things so it is important that you … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2017 Lepide Software Private Limited. All Trademarks Acknowledged.