20 February, 2017 | Brian Svidergol

Active Directory Auditing

IT administrators have been working with and around Active Directory since the introduction of the technology in Windows 2000 Server. Windows 2000 Server was released on February 17, 2000 but many administrators began working with Active Directory in late 1999 when it was released to manufacturing...
23 March, 2016 | Jeff Melnick

How to Detect Who Deleted a Group Policy Object

Group Policy Objects (GPOs) can provide configurations for access to shared resources and devices, enable critical functionalities or establish secure environments. If some of the GPOs are deleted, users may not be able to access the Internet, modify their data, use peripherals or even log in to...
5 February, 2016 | Jeff Melnick

How to Detect Who Disabled a User Account in Active Directory

Users whose accounts have been disabled, either accidentally or maliciously, are unable to log into IT systems using Windows authentication. Those who are already logged in might experience problems accessing email, files, SharePoint, etc. By native auditing you should go through 6 steps listed...
15 January, 2016 | Adam Bertram

How to Get User Logon Session Times from the Event Log

If you’re a knowledge worker, to be productive in a work environment, you’re probably going to need a user account. And you’re probably going to need to actually use this user account to login to your office and mobile devices. If you don’t, you’re probably not going to be working at that...
22 January, 2014 | Richard Muniz

Auditing: The Single Biggest Lesson to Learn (Part 1)

The young lady that was reviewing our audit with me sure didn’t look like a vampire.  But as she dug deeper and deeper into our results, I began to feel myself getting weaker and weaker, just as if she were sucking my life blood from me.  What she was sucking away from me was much less than...
11 November, 2013 | Nick Cavalancia

Best Practices for Change Management in the Data Center

When it comes to change management, Scott Matteson gets it.  Too many companies today make changes without any kind of change management in place. Scott's approach even includes the mandated use of individual accounts to perform changes so that Auditing of system changes can easily be tied back to...
7 November, 2013 | Nick Cavalancia

Death by Event Log Overload

When it comes to security, event logs are supposed to be the best friends of an IT guy managing the environment, right? Roger Grimes from InfoWorld claims that the evidence of malicious activity can be found in Event Logs. So, if companies today already have all necessary data that points...
18 October, 2013 | Deb Shinder

Top 6 Security Breaches that Auditing Would have Prevented

Because IT security breaches have become so prevalent, the common model for addressing them is often more reactive than proactive. Have you given up and given in to the idea that breaches are inevitable? Money, time and effort is put into establishing incident response teams, but often preventative...
7 October, 2013 | Nick Cavalancia

The State of Active Directory Auditing 2013

It’s a never–ending problem: if you have more than one person managing Active Directory, you’ll eventually find yourself in a situation where AD isn’t configured the way you expected and you have no idea how you got there. We held a survey as part of our recent webinar, “Making Your...
Show more articles
...