Month: November 2017
Privileged Access Management to Secure a Compromised AD Forest
Windows Security Expert, IT Consultant, Writer, and MCSE
Published:
Privileged Access Management (PAM) is a new feature in Windows Server 2016 that can secure environments even in cases where AD is already compromised. In this blog, I’ll describe the architecture requirements for setting up PAM solutions. Many organizations struggle to secure their systems because Active Directory is already compromised. Insiders often initiate attacks, whether … Continued
Active Directory Management: Top 7 Common Mistakes
Product Manager for Netwrix Identity Manager
Published:
Active Directory management mistakes can create security risks, downtime, and compliance issues. Common missteps include using admin accounts for daily tasks, overusing Domain Admins instead of delegating rights, and lacking recovery plans. Other errors involve managing AD directly from domain controllers, leaving stale accounts active, applying weak password policies, and failing to audit changes. Following … Continued
Hot Tips: How to Harden Privileged Account Security
Former Director of Global Solutions Engineering
Published:
Privileged accounts are user accounts with extended permissions to access systems and data, such as the root account in Unix and Administrator accounts in Windows. Sometimes they are called “the keys to the kingdom” because a privileged account enables you do things ordinary users can’t, such as change a system’s configuration or view and delete … Continued
Key Lessons Learned from Data Breaches Caused by Privilege Abuse
Former Director of Global Solutions Engineering
Published:
In a previous blog post, “Privilege Abuse: Threat Alert,” we provided an overview of what privilege abuse is and why this threat is so serious. In today’s post, we will look at the problem from a different angle. We’ll examine four notorious data breaches caused by privileged account abuse to find answers to the following … Continued
5 Things You Need to Know about IT Risk Assessment
Resident CISO (EMEA) and VP of Security Research at Netwrix
Published:
IT risk assessment identifies, analyzes, and prioritizes risks to data confidentiality, integrity, and availability so organizations can allocate resources effectively. Beyond guiding stronger security strategies, it is mandated by regulations like HIPAA and GDPR. Using frameworks such as NIST SP 800-30, ISO 27001, or OCTAVE helps standardize processes. Since risks evolve, assessment must be ongoing, … Continued
What’s New in Netwrix Auditor 9.5
Product Evangelist
Published:
Today, Netwrix Corporation released a new version of Netwrix Auditor, a visibility platform for user behavior analysis and risk mitigation that enables control over changes, configurations and access in hybrid IT environments to protect data regardless of its location. The platform provides security intelligence to identify security holes, detect anomalies in user behavior and investigate threat … Continued
