ManageEngine is dedicated to helping organizations better understand, configure, and maintain the security settings required to help protect Active Directory and Windows servers. We’ve been touring the world this year to spread the word, and have visited over 15 countries so far! We will continue to bring solutions and security products to you in 2016 and beyond. During our seminars, workshops, user conferences, and other events, we’ve been focusing on the key security areas within Active Directory and Windows that are often not secured as properly as they should be. Here are the key security areas we’ve been focusing on:
- Password policy, including fine-grained policies for mu
Users are often technically challenged when it comes to navigating computers or networks. When ADSelfService Plus is up and running, users can help themselves. That self-service help, however, isn’t always easy to get. If users want to access ADSelfService Plus outside any notifications administrators have initiated, users must dig up old notification emails or know how to navigate to ADSelfService Plus. So, how do you empower the user, even more than ADSelfSerivce Plus does, by allowing them to leverage the power that software provides? How about putting shortcuts on their desktops and Start menus? It’s easy with just a few Group Policy settings.
Empower your end users with easy access to …
In a recent conference, I was privy to a insightful session on password cracking. No, not pass-the-hash, pass-the-ticket, token manipulation, or other high-tech techniques. Rather, just simple brute force hacks, with some twists. It reinforced what I have been teaching for years, which is that our passwords are nearly worthless. Let me explain. Most organizations allow users to use weak and pathetic passwords. A typical password policy looks like this:
- Minimum password length: 6 to 10 characters
- Types of characters in the password: At least 3 or the 4 required (a, A, 1, $)
To secure your IT network, you need an efficient Firewall. To make the Firewall efficient, you have to tune it properly. But, even when you configure the Firewall to tune the performance, you have to be cautious. Check the configuration changes at every stage. Look out for conflicts. Audit the users involved. Overlooking any of these will lead to a gaping hole in the Firewall, which will in turn make your network prone to vulnerability. There are enough stories available in the industry. In many companies, because of a critical configuration change, there were instances businesses got disrupted for long hours. Subsequent loss of time to find out what went wrong. So, the sure short way to avoid all these losses a…