Network security in Microsoft Azure can be handled either by Network Security Groups, which is free, or Azure Firewall, which is a paid feature. Azure Firewall is often worth it for its ability to more granularly manage network traffic. In this article, I cover the advantages of Azure Firewall to help you decide whether it’s worth the investment for your organization.
This is part 4 of “Designing a delegation model in Active Directory”. In this video, Mahdi explains how to proceed to perform the mirroring of Access Control Lists (ACLs) using the newly created groups. By mirroring ACL, we mean to assign the same delegation the users had but this time instead of relying on old groups or using the direct delegation, it is done using the created groups we created in part 3 of this series. Mahdi also explains that the cleanup needs to be done in order to remove the old unwanted ACLs.
I vividly remember working for a company when we had a ransomware attack and everything shifted. We weren't one of those big companies you read about in the news, but wow did it feel significant at the time. "Those companies" that failed to be secure became "us." Years later, I find myself in the role of an M365 Admin and we have everything in the cloud, and I realize AI tools could aid in making something like that happen again. I'll make an effort to learn to prevent it by attending this webinar. Join me, won't you?
This is part 3 of “Designing a Delegation Model in Active Directory”. If you watched part 1 and part 2, you have studied the environment and you know what needs to be done. In this video the actual stuff is happening. The groups will be created and based on this groups, the actual delegation will be done on Active Directory. This delegation is done by using PowerShell scripts.
This is part 2 of “Designing a delegation model in Active Directory”. In Part 1, Mahdi discussed the general concepts of delegation and why even delegation based on least privilege is a must in Active Directory. In this part, he explains the different methods of applying delegation in Active Directory and suggests a framework based on the concepts of least privilege. This framework can be expanded to include other areas of infrastructure. For example, the same concepts can be used to implement the least privilege delegation to manage the VMware solution or Azure Resources. However, the focus here is Active Directory.
Microsoft is developing and testing Microsoft 365 Backup and Microsoft 365 Archive, which currently in Preview mode and expected to be in General Availability (GA) in 2024. Using Microsoft 365 Backup, persons with Microsoft 365 admin roles can create and manage backups using Microsoft 365 Backup for OneDrive, SharePoint, and Exchange. Microsoft 365 Archive will provide a cost-effective solution for securing inactive data within SharePoint. Microsoft 365 Archive offers benefits and partner integrations.
In this video series about Active Directory best practices, Madhi discusses how to create a clean delegation model that can be easily manageable according to the concepts of least privilege and zero trust. This video, part 1, explains why Active Directory delegation plays a key role in security of the environment and AD itself. The key point to note is that the delegation model can be expanded to cover other areas of your infrastructure and not only AD. This is more likely a framework based on the concepts of least privilege.
Data transfer between iPhones is generally seamless, but unfortunately, upgrading to a new iPhone sometimes causes Microsoft Authenticator issues during the move. IT consultants should be aware of this when upgrading their employees and clients to a new iPhone. Read this article for a detailed solution.
In the previous three parts of this series on Active Directory tiering, I helped you understand tiering and how Tier 1 and Tier 2 should be implemented. This video is for the Tier 0 section, which is the most important part of the tiering because you’ll learn how to perform the segregation for the most sensitive servers of your environment. In this video, I will also present a way to have different subcategories of servers, and then you can implement this concept in your Tier 1 as well.
As discussed in Enhance Active Directory Security with Tiering, Part 1 and Enhance Active Directory Security with Tiering, Part 2, in order to have fair security against pass-the-hash attacks on Active Directory, you can implement tiering to have different levels based on how sensitive data are. This video is devoted to Tier1 servers (a server shared between two teams for their file sharing, an IIS server for a development team, etc.).
In order to have fair security against pass-the-hash attacks on Active Directory, you can implement tiering to have different levels based on data sensitivity. In this video, I discuss the second level of tiering. The scope for tier 2 includes the workstations and applying settings via GPO to block unauthorized access.
In this video, which is part 1 of this series, I discuss Active Directory security and specifically credential theft, which happens frequently when we are dealing with a ransomware attack. Credential theft is a main target which attackers can perform by gaining access to a server or PC and use that access (pass the hash) to hop to another server. I'll explain this problem, called lateral movement, in the video. Finally, we will discuss Active Directory tiering which is a solution to logical segmentation of resources and divide them into Tier 0, Tier 1 and Tier 2.