1 / 0

Active Directory Security

Active Directory Security. Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if the secure way also happens to be the easy way Law #3: If you don't keep up with security fixes, your network won't be yours for long

malo
Download Presentation

Active Directory Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Active Directory Security

    Why bother?
  2. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if the secure way also happens to be the easy way Law #3: If you don't keep up with security fixes, your network won't be yours for long Law #4: It doesn't do much good to install security fixes on a computer that was never secured to begin with Law #5: Eternal vigilance is the price of security Microsoft’s 10 Immutable Laws of Security Administration
  3. Law #6: There really is someone out there trying to guess your passwords Law #7: The most secure network is a well-administered one Law #8: The difficulty of defending a network is directly proportional to its complexity Law #9: Security isn't about risk avoidance; it's about risk management Law #10: Technology is not a panacea Law’s continued
  4. Next time someone asks why miscreants might want to hack his PC, show him this diagram. https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/

  5. Setting Up a Secure Environment

    Overview *Not all encompassing*
  6. Service packs Hotfixes Notifications Network scanners Virus / malware protection software Updates http://www.pcprofessionals.com.au/2013/the-importance-of-windows-updates/
  7. Disable guest account Transport level encryption Remote network access File permissions Security groups Group policy Disable / uninstall unused services Secure user rights Firewall settings Backups Best Practice Analyzer – BPA Microsoft Baseline Security Analyzer Security Settings
  8. Enabled Adequate storage Central location Review schedule Email & other notification Audit Logging
  9. Why bother? Limit access Access logs Locked server closet / room Security cameras Network plugs Paper trail Environment monitoring Wireless vs wired Biggest security vulnerability – humans Physical security http://goinfopipe.com/top-7-physical-security-trends/#!prettyPhoto
  10. Company stand Passwords Employee dismissal User access levels Privacy Mobile data transfer Computer use Policies
  11. Sync network time Train your users Miscellaneous
  12. http://www.newark.com/images/en_US/marketing/pdf/BLackBoxPhysicalNetworkSecurity.pdf http://www.newark.com/images/en_US/marketing/pdf/BLackBoxPhysicalNetworkSecurity.pdf http://it-audit.sans.org/community/checklists/active-directory-security http://technet.microsoft.com/en-us/library/cc722488.aspx https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/ Sources
More Related