{ active directory security why bother?. law #1: nobody believes anything bad can happen to them,...
TRANSCRIPT
{
Active Directory Security
Why bother?
Law #1: Nobody believes anything bad can happen to them, until it does
Law #2: Security only works if the secure way also happens to be the easy way
Law #3: If you don't keep up with security fixes, your network won't be yours for long
Law #4: It doesn't do much good to install security fixes on a computer that was never secured to begin with
Law #5: Eternal vigilance is the price of security Microsoft’s 10 Immutable
Laws of Security Administration
Law #6: There really is someone out there trying to guess your passwords
Law #7: The most secure network is a well-administered one
Law #8: The difficulty of defending a network is directly proportional to its complexity
Law #9: Security isn't about risk avoidance; it's about risk management
Law #10: Technology is not a panacea
Law’s continued
Next time someone asks why miscreants might want to hack his PC, show him this diagram.https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/
{
Setting Up a Secure Environment
Overview*Not all encompassing*
Service packs Hotfixes Notifications Network scanners Virus / malware protection software
Updateshttp://www.pcprofessionals.com.au/2013/the-importance-of-windows-updates/
Disable guest account Transport level encryption Remote network access File permissions Security groups Group policy Disable / uninstall unused services Secure user rights Firewall settings Backups Best Practice Analyzer – BPA Microsoft Baseline Security Analyzer
Security Settings
Enabled Adequate storage Central location Review schedule Email & other notification
Audit Logging
Why bother? Limit access Access logs Locked server closet / room Security cameras Network plugs Paper trail Environment monitoring Wireless vs wired Biggest security vulnerability – humans
Physical securityhttp://goinfopipe.com/top-7-physical-security-trends/#!prettyPhoto
Company stand Passwords Employee dismissal User access levels Privacy Mobile data transfer Computer use
Policies
Sync network time Train your users
Miscellaneous
http://www.newark.com/images/en_US/marketing/pdf/BLackBoxPhysicalNetworkSecurity.pdf
http://it-audit.sans.org/community/checklists/active-directory-security
http://technet.microsoft.com/en-us/library/cc722488.aspx https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hack
ed-pc-revisited/
Sources