Netherlands: Software

Introductie Windows Server 2016

Issue link: http://hub-nl.insight.com/i/692748

Contents of this Issue

Navigation

Page 127 of 173

118 C H A P T E R 5 | Security Figure 5-3: Short-term goal plan The figure shows four separate areas: 1. Create a separate administrator account for administrative tasks, as shown with the Admin and User. 2. Deploy PAWs for Active Directory administrators. For more information, go to http://aka.ms/cyberPAW, where this step is shown as Phase 1. 3. Create unique LAPS for workstations. For more information, go to http://aka.ms/LAPS. 4. Create unique LAPS for Servers. For more information, go to http://aka.ms/LAPS. Medium-term plan The first thing you need to do for your medium-term plan is to expand the deployment of PAWs so that you can bring more systems into scope, which you can manage only from these workstations. Following on from that, you should begin to focus on implementing time-bound privileges; that is, a user can request privileges that will expire after a predefined period of time. This means there does not need to be actual administrators, as such, because the users can request the access they need, be approved, and perform the necessary tasks. This concept is based on Microsoft Identity Manager and functions provided by JEA. You also should implement multifactor authentication for privileged access to further mitigate attacks on the systems. You can do this by using token-based security or call-back or smart cards. Next, you can begin to implement JEA. JEA is simple in principle because it specifies that you grant the very minimal amount of privileges to an account that are needed to perform the given function. The next step is to further secure domain controllers, and you will finish by implementing threat detection via Advanced Threat Analytics (ATA). ATA provides the ability to detect abnormal behavior in your systems and make you aware of them quickly. It does this by profiling your user's behavior and establishing what that user's normal patterns are. If the user does something outside this normal pattern, ATA will alert you. ATA is far more advanced than this simple explanation implies. To learn more about it, go to http://aka.ms/ata. Figure 5-4 presents an illustrated overview of the medium-term plan.

Articles in this issue

Links on this page

Archives of this issue

view archives of Netherlands: Software - Introductie Windows Server 2016