Active Directory is Microsoft’s enterprise directory service for on-premises environments. It can be connected to Azure Active Directory to create a hybrid environment.
At the end of March, Practical 365 traveled with the TEC European roadshow, traveling between three cities in Europe over a week, listening to experts talking primarily about security-focused topics aimed at improving your Microsoft 365, Azure AD and Active Directory. Read our whistle-stop tour of the most important points made by expert speakers.
Because of the way the Windows security model works, it’s not currently possible to eliminate the use of passwords for local administrator accounts. Given that fact, the next best solution is to remediate the biggest problems with passwords for these local accounts, including weakness, reuse, and tenure. In this article, we discuss how the Local Administrator Password Solution (LAPS) helps with all of those!
Active Directory has been around for almost 25 years. As such, one might expect that – by now – we would have figured out to keep it safe against attacks. Yet, it remains a weak point in many organizations' cybersecurity defenses. When coupled with the challenges mentioned above, this can be a recipe for disaster. Why is this the case?
Implementing zero trust in the world is a big hassle, often uncomfortable, and frequently dorky—plus, it can be expensive. At the same time, moving closer to a zero trust model helps harden your network significantly, and you may already have many of the tools and techniques you need available without much extra cost. In this article, we discuss how to take baby steps toward Zero Trust.
A writeup about the MERCURY attack by the Microsoft Threat Intelligence team reveals how a nation state actor linked to the Iranian government compromised an Azure AD tenant by using the AADConnect tool. In this article, we discuss how the attack developed and what you can do to prevent the same attack techniques being used against your tenant.
As organizations move to the cloud, on-premises environments (and their security) are put in the background as the focus shifts to the cloud. Nevertheless, most organizations I know are in a hybrid scenario where the on-premises environment holds the master data and synchronizes everything into Azure Active Directory. This blog explores how an on-premises environment is connected to the cloud and how an attacker might move from on-premises to the cloud laterally.
During migrations, one of the most asked for features is to synchronize a user’s password between the source and target environment. In this article, Joe Sharmer discusses a few methods for migrating passwords without RC4 Encryption.
When setting up your SIEM, ingesting logs from Active Directory is essential. This blog dives into the two options for ingesting AD logs and compare their strengths and weaknesses.
Microsoft’s Windows 365 Cloud PC offering can be the perfect fit for organizations that require remote workers to log into a PC that can access their network without the need for a VPN. This article deep dives into Windows 365 and how to setup Windows 365 Enterprise for your organization.
Learn some of the main group policy attack pathways, why they are easily exploited, and how to mitigate them in this article by Darryl Baker.
Although we live and work in a cloud-first world, on-premises Active Directory (AD) remains a vital component of many companies' IT infrastructure. This article goes over five ways to keep Active Directory secure.
TEC is back -100% Virtual & Free - December 6-7! This article recaps the recent in-person TEC event and what to expect from virtual TEC.
