Back in May 2015 we started talking about the Microsoft Group Policy security change to prevent a “man in the middle attack” where any Group Policy that you test with security filtering for group membership will no longer operate with the default “Authenticated Users” on the delegation tab.
Short but somewhat scary tidbit from me this week that serves as a reminder that there is a reason that the CSI team advocates: 1 – That we need multiple layers of security protection in our networks since no single tool will catch everything 2 – We need to up the sophistication of […]
You will find on our web site under Webinar recordings, Hardening Active Directory Part I and also Part II. If you haven’t watched those presentations, you should to understand the threat to your Windows networks. One basic concept you can start with is to realize that all the Group Policy security settings are found in […]
For years the best practice, and rules the most auditors hold IT departments to when it comes to secure password policies have included the following: 1 – Passwords should be at least 8 characters minimum and must contain complexity (use at least 1 number, 1 upper case character, and 1 special character) 2 – Passwords […]
Previously we talked about limiting the use of “local administrators” to improve the security of your network. However, we do actually need a local administrator account to exist because, sooner or later, a tech is going to need that account to properly install software or update the machine.
In this week’s Tech Tidbit I want to talk a bit about the importance of implementing proper control of DNS as part of your malware protection program. DNS lookups and / or the hijacking of DNS lookups are an often-used tool by many malware agents to help enable the success of their intended attacks.
One of the most frustrating things for users and the technical staff that support them is erratic email flow. Often users and staff don’t know that their email is stuck or being rejected. By the time the technical staff often realize there is a problem, a whole lot of email has backed up – or […]
I have been talking over the past year about “Hardening Active Directory”. In those discussions, we have been talking about implementing a granular password policy so that you K-2 students have a lower password requirement than your financial and guidance users.
The October Tech Talk meeting was jammed packed with information. There was more information than time allowed us to present. Therefore, Scott is going to do a special November Tech Tidbits webinar presentation on Tuesday November 14th at 10:30 am.
Welcome to the second installment of, “Weekly Tech Tidbits”. This week I am going to answer a very common question, “Why do we have to remove local Administrator rights to workstations?” The answer is quite simple. Almost every single attack on your network begins on a workstation.
