Today Active Directory Security is mission-critical to organizational security worldwide and thus mission-critical to Cyber Security worldwide. On this blog, former Microsoft Program Manager for Active Directory Security, and today, CEO of Paramount Defenses, shares valuable technical insights on Active Directory Security.

Wednesday, May 29, 2013

Active Directory Security - A Top Cyber Security Priority Today


As you may know, today Active Directory is at the very foundation of enterprise security and cyber security worldwide.

Given Active Directory's foundational role in enterprise security worldwide, based on the principle of adequate protection, it is only logical that the security of the Active Directory itself is paramount to organizational security worldwide.

As logical as it may sound, based on what we have seen in our vast experience over the last decade, we are deeply concerned to see that most organizations today across the world do NOT yet realize just how important Active Directory security really is.

I suppose the only thing more concerning is that not only do so many organizations not realize this yet, they also do not seem to possess the level of technical skill-set and expertise that is required to adequately protect their underbelly.

(You'd be surprised if we told you just how many government agencies are still looking for mere account lockout status tools.)

In addition, so many organizations believe that the presence of an Active Directory auditing solution is generally sufficient to provide adequate security for Active Directory because it can help them audit the enactment of a malicious task.

Little do they realize that auditing is merely a reactive security measure, that at best, aids in potentially detecting the occurrence of a malicious action and determining the identity of the perpetrator. The key word here is REACTIVE. The fact that the occurrence of a malicious task showed up in an audit log indicates that the malicious task has already been performed.

The keyword here is ALREADY. In such a situation, although auditing could potentially help identify the perpetrator, depending on the perpetrator's skill, the opportunity to enact a single malicious task could be (/have been) sufficient to inflict substantial, and often irreversibly damage to not just the Active Directory, but the entire Windows Server based IT infrastructure. (The first thing a smart perpetrator would do is disable all the admin accounts so no one can even login to try and stop him/her.)

The point is that the presence of any one single security measure such as reactionary auditing, is hardly sufficient to provide adequate security for an Active Directory deployment. Providing adequate security for Active Directory requires and involves the presence of numerous procedural, policy and technical security controls, that work together to provide adequate protection.

So many organizations today seem to be substantially deficient in providing adequate protection for their Active Directory deployments, and the #1 reason for this is that Active Directory security does not appear to be a high enough priority for them.

Thus, in the best interest of all organizations, we've put together a simple succinct document that unequivocally communicates the importance of protecting foundational Active Directory deployments. You can download it by clicking the image below, or clicking here.

The Importance of Active Directory Security
We do hope that this simple document helps organizations unequivocally understand just how important the security of their foundational Active Directory is to their security, and in their own best interest, ensure its adequate protection at all times.

As the very foundation of enterprise security worldwide, Active Directory security is not just important, it is paramount.

What else could be more important?

Best wishes,

Tuesday, May 21, 2013

Active Directory Security Checklist


As you may know, today Active Directory is at the very foundation of enterprise security and cyber security, worldwide.

At Paramount Defenses, we go to great lengths to provide thought leadership in this vital area of cyber security, by not only delivering the world's most valuable Active Directory security solutions that today help secure and defend the world's most respected organizations , but also by responsibly sharing valuable subject matter expertise with 1000s of organizations across 100+ countries worldwide.

In days to come, we will be declassifying arguably the #1 Active Directory security risk that organizations face today.

Before we did so, we felt it necessary to share a simple yet effective Active Directory Security Checklist designed to help organizations assess and mitigate risks to their foundational Active Directory deployments. (One of the reasons for doing so is that the #1 security risk to Active Directory deployments can be easily mitigated by ensuring that one of the items on this checklist is adequately fulfilled.)

You can download this Active Directory Security Checklist by clicking here or on the image below.

This checklist is intended to be a succinct, prioritized high-level check-list and is designed to help IT personnel assess the security afforded to their Active Directory deployments.

We humbly advise all organizations to take the security of their foundational Active Directory deployments seriously because a Microsoft Windows Server based IT infrastructure, and the entirety of IT resources stored and protected by it, are arguably only as secure as is its underlying Active Directory.

Kindest regards,