Netherlands: Software

Introductie Windows Server 2016


Chapter 5 | Security

More info: JEA is a detailed subject, and we can provide only the basics here. For further guidance and to see all of the configuration options, go to

A strategy for securing privileged access

It has to be said that no matter how secure you can make an operating system or service, it is only as secure as the weakest password. For example, suppose that you have the most sensitive data on earth and you encrypt it by using the most sophisticated technology, but then you use a password like "Password01"; this utterly defeats the purpose of putting in place a battery of secure technologies.

Let's look at another scenario. Walk around your office and count how many people have written their passwords on notes and stuck them on their keyboards or monitors. Then, observe how many people have pictures of their family or pets on their desk. When those people need to think of a password, what is the likelihood that it might be something personal based on the pictures?

Now, let's consider a final scenario: the social engineering attack. With this particular form of attack—which is a leading cause of security breaches—the attacker calls someone, out of the blue, and pretends to be from IT, saying he needs to verify some account information. If the attacker is good at his job, the chances are high that the hapless victim will readily provide the information.

With those scenarios in mind, the attacker will gain access to something and potentially use that access to perform an escalated attack. But what if the account were a privileged one in the first place?

Securing privileged access is not a single technology; it is a set of practices that an organization can implement to become more secure. Although focused primarily on privileged access, it highlights the need for any organization to implement and test all policies related to security and conduct the necessary readiness to make people aware of potential areas of exposure.

No network to which users have access will ever be 100 percent secure, but to begin down the path of securing privileged access to systems and networks, you must be diligent with regard to the following basics:

- Updates: Deploy updates to domain controllers within seven days of release.
- Remove users as local administrators: Monitor and remove users from local administrators if they don't need this access. Use Active Directory to control membership centrally, if required.
- Baseline security policies: Deploy policies that will maintain a standard configuration for the organization. Exceptions will exist, of course, based on applications and certain requirements, but these should be challenged on a repeated basis to ensure the system is as compliant as possible.
- Antimalware programs: Maintain regular updating and regular scans of the environment. Clean and remove threats as quickly as possible.
- Log and analysis: Capture security information, perform regular reviews, and identify anomalies within the log set. Perform follow-up action on each detected item to ensure that it is an identified source and safe "risk."
- Software inventory and deployment: Controlling the software installed in an environment is paramount to ensure that end users don't install malware into the environment. In the same manner, it is important to know what software is out there and maintain an inventory so that you are aware if the state of a system has changed.
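
One way to carry out the "monitor local administrators" item on a single server, as an added example that is not from the original book: the function name Get-UnexpectedLocalAdmin, the approved SID patterns, and the CONTOSO group name are assumptions to be replaced with your own baseline.

```powershell
# Added example: report members of the local Administrators group that are
# not on an approved list. Function name and allow-list are hypothetical.
function Get-UnexpectedLocalAdmin {
    [CmdletBinding()]
    param(
        # Account names (DOMAIN\name) approved to hold local admin rights.
        [string[]] $ApprovedName = @(),
        # SID patterns accepted by default (an assumption): the built-in
        # Administrator account (RID 500) and Domain Admins (RID 512).
        [string[]] $ApprovedSidPattern = @('S-1-5-21-*-500', 'S-1-5-21-*-512')
    )

    # S-1-5-32-544 is the well-known SID of BUILTIN\Administrators, so the
    # lookup does not depend on the display language of the OS.
    try {
        $members = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop
    }
    catch {
        # If enumeration fails, stop with an error instead of returning an
        # empty (and misleadingly clean) result.
        throw "Could not enumerate local Administrators: $($_.Exception.Message)"
    }

    foreach ($m in $members) {
        $sid   = $m.SID.Value
        $sidOk = $false
        foreach ($pattern in $ApprovedSidPattern) {
            if ($sid -like $pattern) { $sidOk = $true }
        }
        # -contains compares strings case-insensitively.
        $nameOk = $ApprovedName -contains $m.Name

        if (-not ($sidOk -or $nameOk)) {
            [pscustomobject]@{
                Computer    = $env:COMPUTERNAME
                Name        = $m.Name
                SID         = $sid
                ObjectClass = $m.ObjectClass      # User or Group
                Source      = $m.PrincipalSource  # Local, ActiveDirectory, ...
            }
        }
    }
}

# Constructed sample call: one centrally managed AD group is approved.
Get-UnexpectedLocalAdmin -ApprovedName 'CONTOSO\Tier1-ServerAdmins' |
    Format-Table -AutoSize
```

Every row returned is an account to justify or remove; an empty result means membership matches the approved list.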
