Defending Active Directory Against AdminSDHolder Attacks
Active Directory Permissions Attack: Hackers Gain Persistence with AdminSDHolder Active Directory (AD) tends to be a common target for hackers, as it controls the security and infrastructure for most IT systems. Attackers aim to get privileged access to a Windows Server Active Directory and remain undetected for as long as possible. These techniques used by […]
True Hybrid Active Directory Management Solutions: The New Standard | Part 1
True Hybrid Active Directory Management Solutions: The New Standard | A Three-Part Blog Series Over the years, Microsoft Active Directory (AD) has become the core of almost all organizations’ network infrastructures, acting as the central system for identity and access management. The current IT landscape is constantly evolving and has dramatically changed within the last […]
Active Directory and Microsoft 365 Account Provisioning And User Lifecycle Management: Hidden Costs and Recommendations
At its core, user provisioning is a process that makes sure that user accounts are created, given the most appropriate level of permissions and managed moving forward across an enterprise. Keep in mind, however, that these days most Microsoft environments, in particular, are hybrid, meaning that they have both on-premises Active Directory components and Azure […]
4 Reasons Why the Recycle Bin Can’t Fully Protect Azure Active Directory
Let’s face it, user errors are a reality, and the threat of malicious actors breaching Active Directory –both on-premises and in Azure – is on the rise. Protecting your data has never been more important, yet no native tooling exists to tracks changes, store previous values or enable administrators to rollback those changes immediately. Microsoft […]
Azure Active Directory Security Defaults—not for everyone
Microsoft’s powerful array of cloud offerings—Microsoft Azure, Dynamics, and Office 365—offer paths to business growth without the huge capital investment. Most organizations on the cusp of implementing and experimenting with those services may not make security the first priority in the quest for productivity. The first phase of the exciting journey into the cloud is to […]
Microsoft Azure AD Single Sign-on Now Free to Customers
Microsoft announced any customer using a subscription of a commercial online service can connect all their cloud applications to Azure AD for single sign-on (SSO), and protect this access with multi-factor authentication (MFA) as a security default at no extra cost. SSO reduces the number of sign-in prompts for employees and enables one-click access to popular apps, and it should […]
How to Recover an Azure Conditional Access Policy
According to Microsoft, “Conditional Access is the tool used by Azure Active Directory (AAD) to bring signals together, to make decisions, and enforce organizational policies.” Conditional Access policies are an effective replacement and improvement over user login restrictions provided in on-premises Active Directory (AD). Conditional Access Policies are also present in Azure AD. How do […]
3 Reasons The Recycle Bin Won’t Always Protect You Against Accidental Deletions to Azure Active Directory and Hybrid AD
The Active Directory and Azure AD Recycle Bins exist as tools for protecting you against the accidental deletion of directory objects…but not all of them. If an administrator accidentally deletes an Active Directory user account, for example, it is possible to retrieve the deleted user from the Recycle Bin. Even so, the Recycle Bin has a number of inherent limitations, and there is […]
8 Truths and Tips: Avoiding Outages in Azure Active Directory and Hybrid AD
Unfortunately, Active Directory data loss (in Azure, on-premises and in hybrid environments) is a harsh reality for many organizations, especially as threat of malicious actors breaching AD is on the rise. These business-critical services must be protected from costly outages and threats, which can stop users from getting to email, important documents and applications. While […]
A New Major Version of Azure AD Connect Has Been Released
Integrating your on-premises directories with Azure AD makes your users more productive by providing a common identity for accessing both cloud and on-premises resources. With this integration users and organizations can take advantage of the following: Organizations can provide users with a common hybrid identity across on-premises or cloud-based services leveraging Windows Server Active Directory […]