Cyber Chief Magazine: Strategies for protecting your data in the cloud Download Now
15 December, 2016 | Russell Smith

Security Tip: Detect Permission Changes in Active Directory

In this tip, I will show you how to enable auditing for changes to permissions on Active Directory objects. The following changes will log Event ID 5136 whenever someone successfully delegates or changes permissions on an object in Active Directory. The first step is to enable auditing of...
27 October, 2016 | Matt Hopton

Detecting Delegated Permissions in Active Directory

Security permissions in Active Directory can be a tricky topic. Not only does Microsoft hide them from you by default in Users and Computers, there is also no built-in tool to get an overall picture of how permissions have been applied to AD. In this article, I’ll take you through the basics...
8 April, 2016 | Troy Thompson

Group Policy for Password Monitoring

As an administrator, you have to ensure that your network is secure.  A big part of that includes deciding on a password strategy for user accounts and administrator accounts.  You can educate your users on best practices for password creation but you can also enable policies that force users to...
5 February, 2016 | Jeff Melnick

How to Detect Who Disabled a User Account in Active Directory

Users whose accounts have been disabled, either accidentally or maliciously, are unable to log into IT systems using Windows authentication. Those who are already logged in might experience problems accessing email, files, SharePoint, etc. By native auditing you should go through 6 steps listed...
Show more articles