With Windows Active Directory, a range of different account types can be set up with the necessary permissions, access, and roles. These include service accounts, which are intended for use when installing applications or services on the operating system. Common types of Active Directory service accounts include built-in local user accounts, domain user accounts, managed … Read more Top 10 Active Directory Service Accounts Best Practices

If we’ve learned nothing else about cybercriminal organizations over the last few years, we know for certain these folks are experts on Microsoft security. They’re no longer simply opportunistically gaining access to your network; instead, they’re leveraging known vulnerabilities in operating systems and applications and using the very network they’ve compromised to assist them in finding their intended target … Read more 4 Ways Cyberattackers Take Advantage of Mismanaged Permissions

Active Directory is essentially a registry containing all the information about a network, including users, groups, computers and printers, and servers. Each of these things, whether physical or virtual, is considered an “object” in Active Directory, and has various attributes assigned to it, such as a name, number, or group membership. Active Directory is used … Read more Top 6 Active Directory Security Groups Best Practices

In any company, network users must be both authenticated and authorized before they can access parts of the system capable of leading to security breaches. The process of gaining authorization is called access control. In this guide, I discuss the two main methods for managing access control for your systems—role-based access control (RBAC) and attribute-based … Read more RBAC vs. ABAC: What’s the Difference?

IT is really busy these days. In fact, IT’s been busy for as long as you can remember. Security issues today alone could keep you busy full-time, but there’s just not enough time in the day. Strategic initiatives and fires seem to take precedent daily, pushing some of the more necessary, but rudimentary, parts of … Read more 3 Ways Your Permissions Are in Worse Shape Than You Think

Active Directory (AD) is a battle-tested software many company administrators use as a standard remedy for concerns about outsider access to data. But within AD, there are many types of security protocols to choose from. What if I don’t want to enable email access to my users, but instead I want my users to securely … Read more How to Create a Security Group in Active Directory

The Domain Name System (DNS) vies with the Border Gateway Protocol (BGP) for the title of “Achilles heel of the internet.” If you want to take down large swathes of the internet in a single event, DNS and/or BGP are how you’d go about it. Over the past few decades, there have been innumerable security … Read more The Worst DNS Attacks

A security log keeps a digital record of all your server activity and can provide an IT security admin a centralized view to better log and track who has made what changes, as well as if there are any issues with the data. A security log can be crucial to your company. For some, a … Read more Security Logging Best Practices for Retention and Monitoring