User shortcut for ADSelfSerivce Plus

Users are often technically challenged when it comes to navigating computers or networks. When ADSelfService Plus is up and running, users can help themselves. That self-service help, however, isn’t always easy to get. If users want to access ADSelfService Plus outside any notifications administrators have initiated, users must dig up old notification emails or know how to navigate to ADSelfService Plus. So, how do you empower the user, even more than ADSelfSerivce Plus does, by allowing them to leverage the power that software provides? How about putting shortcuts on their desktops and Start menus? It’s easy with just a few Group Policy settings.
Empower your end users with easy access to …

Who said password cracking is dead?

In a recent conference, I was privy to a insightful session on password cracking. No, not pass-the-hash, pass-the-ticket, token manipulation, or other high-tech techniques. Rather, just simple brute force hacks, with some twists. It reinforced what I have been teaching for years, which is that our passwords are nearly worthless. Let me explain. Most organizations allow users to use weak and pathetic passwords. A typical password policy looks like this:
  • Minimum password length: 6 to 10 characters
  • Types of characters in the password: At least 3 or the 4 required (a, A, 1, $)
One would think, since that is the default from Microsoft, that it would be a good recipe for a strong password. Unfortunately, it is not.…

Why should you bother about Firewall Change Management

To secure your IT network, you need an efficient Firewall. To make the Firewall efficient, you have to tune it properly. But, even when you configure the Firewall to tune the performance, you have to be cautious. Check the configuration changes at every stage. Look out for conflicts. Audit the users involved. Overlooking any of these will lead to a gaping hole in the Firewall, which will in turn make your network prone to vulnerability. There are enough stories available in the industry. In many companies, because of a critical configuration change, there were instances businesses got disrupted for long hours. Subsequent loss of time to find out what went wrong. So, the sure short way to avoid all these losses a…