Active Directory Tips

For some reason, Active Directory has been the center of many conversations lately.
Based on that, I wanted to share some of the most common tips to maintain a secure and healthy environment.

  • Modify default security protocols: Kerberos and NTLMv2 are required for authentication in AD, and operate at higher security levels. On the other hand, NTLM presents significant cyber-security risks and should be disabled.
  • Perform regular audits: Proactively improve security, promptly detect and respond to threats, and simply enable your operations to run without any interruptions.
  • Disable Clear Text Credential Caching: There are several registry changes available to make sure no passwords are saved in memory or in the registry.
  • Have a documented backup and disaster recovery strategy: If you ever need to use it, it is most likely because your environment was compromised. Make sure to have fully documented procedures to reduce the downtime.
  • Leverage object backups if your data protection software supports it: Being able to restore a single AD object nowadays should be a requirement.
  • Automate maintenance and cleanup tasks: All the inactive, unused and disabled accounts need to be constantly removed.
  • Schedule regular penetration tests: The goal is to identify any possible attack vector an adversary would use.
  • Never grant more permissions than needed: Least-Privilege Administrative Models.
  • Implement Prevention, Detection and Response tools: Semperis leads the market here, with Quest not too far behind.
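
The "Disable Clear Text Credential Caching" tip above mentions registry changes without naming them. As an added example (not part of the original post), this read-only PowerShell audit reports on three registry values commonly tied to that hardening; the selection of values, the expected settings and the function name Test-CredentialCaching are assumptions.

```powershell
# Added example: read-only audit, it changes nothing on the host.
# Which values to check and what counts as "Pass" are assumptions,
# not a list taken from the original post.
$checks = @(
    @{ Name      = 'WDigest plaintext caching'
       Path      = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest'
       Value     = 'UseLogonCredential'
       # 0 = WDigest does not keep the plaintext password in LSASS memory
       Ok        = { param($v) $v -eq 0 }
       # An absent value is only safe on Windows 8.1 / Server 2012 R2 and later
       IfMissing = 'Review' }
    @{ Name      = 'LM hash storage'
       Path      = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
       Value     = 'NoLMHash'
       # 1 = do not store the weak LM hash at the next password change
       Ok        = { param($v) $v -eq 1 }
       IfMissing = 'Review' }
    @{ Name      = 'Autologon password in registry'
       Path      = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
       Value     = 'DefaultPassword'
       # Any stored value is a finding: it is a clear-text password
       Ok        = { param($v) $false }
       IfMissing = 'Pass' }
)

function Test-CredentialCaching {
    param([hashtable[]]$Checks)
    foreach ($c in $Checks) {
        # Returns $null when the key or the value does not exist
        $item = Get-ItemProperty -Path $c.Path -Name $c.Value -ErrorAction SilentlyContinue
        if ($null -eq $item) {
            $status = $c.IfMissing
            $shown  = '<not set>'
        } else {
            $raw    = $item.($c.Value)
            $status = if (& $c.Ok $raw) { 'Pass' } else { 'Fail' }
            # Never echo the autologon password itself into the report
            $shown  = if ($c.Value -eq 'DefaultPassword') { '<present>' } else { $raw }
        }
        [pscustomobject]@{
            Check = $c.Name; Value = $c.Value; Current = $shown; Status = $status
        }
    }
}

Test-CredentialCaching -Checks $checks | Format-Table -AutoSize
```

A "Review" status means the value is not set and the effective behaviour depends on the operating system default, so it needs to be confirmed per OS version.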

Remember kids… if you stay ready, then you do not need to get ready!
If you think I missed some other tips, please reach out and let me know.