Active Directory (AD) is a critical component at the core of your IT Infrastructure – managing user accounts, assigning and enforcing security policies for all computers and installing or updating software. Over time Administrator based AD permissions are often delegated too widely and inconsistently, and privileges may still be place for Administrators who have changed roles or left the organization. This severely weakens security control and can result in a failure to meet compliance and governance requirements.
How you benefit?
The engagement delivers a formal report and a presentation to key stakeholders including:
- Design schematic of the current AD Security environment
- Detailed description of each issue identified
- Red ⁄ Amber ⁄ Green impact assessment of the issues found
- Recommendations to remediate
- Obtain an independent, fresh perspective on your AD Security and management practices
- Review and rationalise membership of the sensitive security AD groups such as Enterprise Admins, Domain Admins, and Schema Admins
- Tighten security further with one-way Trusts, SID filtering and selective authentication
- Identify any security & authentication changes required for servers hosting AD-related Internet-facing services, e.g. OWA or Sharepoint
- Ensure that the AD design adheres to financial and industry compliance requirements
- Ensure that the AD follows industry standard governance guidelines
- AD group memberships
- OU security configuration
- User rights to Exchange Objects
- Delegations of AD rights
- Event log Assessment for unauthorized AD changes
- Group Policy security Assessments
- Event log Assessment for unauthorized Group Policy changes
- Trusts & Internet services
How long will it take?
3 days on site to investigate single site and gather data, followed by detailed findings analysis, remediation planning, report production, and finally delivery of a presentation to key stakeholders to review the results and recommendations
|+92 (21) 345 499 44|