Universities a Top Target for Data Theft
While researching data breach incidences within Universities and places of higher education, I stumbled upon the Privacy Rights Clearinghouse; an organization dedicated to consumer privacy and “raising awareness of how technology affects personal privacy”. According to the Privacy Rights Clearinghouse (www.privacyrights.org/data-breach/new), over 3,500 data breaches have been made public in US universities and educational institutions alone since 2005; equating to over 600,000,000 compromised…
Why StealthAUDIT?
I’m frequently asked why I think StealthAUDIT provides a better alternative to some other product on the market. The answer often comes down to the same core differentiators:
StealthAUDIT takes a very different approach to other solutions on the market. While other products attempt to anticipate what reports you might need and package only those into a product set, the StealthAUDIT platform enables a flexible approach to answer virtually ANY question you have today or in the future.
The SMP…
Active Directory Tools Versus Native Auditing
This is re-posted from an earlier post but seems as relevant as ever. If you’re thinking about monitoring Active Directory events, you’ll no doubt consider what’s involved in leveraging native event logging and how that relates to tools that are designed for AD event monitoring. In that context, below, we describe a few of the steps involved in setting up native event logging for Active Directory.
Determine Which Events You Need
First, you need to understand which events you need to keep trac…
Active Directory Unification
It’s no secret that over the past decade, Active Directory has grown out of control across many organizations. It’s partly due to organizational mergers or disparate Active Directory domains that sprouted up over time, but you may find yourself looking at dozens or even hundreds of Active Directory domains and realize that it’s time to consolidate. And it probably feels overpowering. But despite the effort in front of you, there’s an easy way and a right way.
Domain consolidation is not a si…
Active Directory Monitoring
One of the most important things you can do to improve the security posture of your IT infrastructure is to provide in-depth monitoring of Active Directory. STEALTHbits provides numerous solutions to assist with monitoring numerous Active Directory security events. With deep visibility into administrative changes such as user account creations, group changes, and changes to Group Policy Objects (GPOs), STEALTHbits enables a complete audit trail with real-time alerts when high-risk activity ta…
Active Directory Domain Consolidations and Migration
You may have heard us discuss Active Directory domain consolidations or domain migrations in the past but there’s been significant recent progress in how we approach large consolidation projects. We call it Active Directory Unification and we’ve built new out of the box intelligence into our existing product set. It’s not just about getting from point A to point B. When you’re going domain consolidation ratio is in the neighborhood of 100:1 (or even 10:1), you’d better make sure you have deep…
The File System, Active Directory, Real-Time Changes, and You
GPOs are a bit of a strange beast. They exist in two worlds – the file system, and active directory – and they affect many more. Sort of like a platypus – a poisonous mammal that lays eggs and has a duck-bill, a beaver tail, and the feet of an otter – the GPO has the characteristics of both files and AD objects while affecting security, the registry, applications, and many other parts of your forest. And that makes it a tricky object to get a handle on. The AD portion of the GPO tracks versio…
Timeless Information Technology (IT) Joke
LOST IN A HOT AIR BALLOON
A man piloting a hot air balloon is hopelessly lost. He descends to a lower altitude and locates a man down on the ground. He lowers the balloon and shouts, “excuse me, can you tell me where I am?”
The man below states, “yes, you’re in a hot air balloon, about 30 feet above this field.”
“You must work in Information Technology,” said the balloonist.
“Yes I do,” replies the man. “And how did you know that?”
“Well,” says the balloonist, “what you told me i…
Active Directory Security Modeling isn’t just for the beautiful!
Active Directory Security Modeling. Even as I type the phrase I note how ubiquitous the term can be. Not even TechNet or Google give any hard and fast rules around scope, design, or *gasp* actual implementation. Yet this ‘model’ is at the very core of AD, and AD is at the very core of the Microsoft IT footprint.
So many aspects can go into a security model of this sort, right?
You have at the core your OU structure, how it’s named, how it’s laid out.
The associated group policy objects …
Dynamic Access Control
Windows 8/2012, DAC, and you
TechEd has come and gone, but it seems we can’t quite shake off all the buzz. Some of the things that we saw at TechEd are still making us go “hmmmmmmm”.
One of those things is Dynamic Access Control. At TechEd, Microsoft unveiled a new system of controlling access, and it’s both more powerful, and potentially more complicated than anything we’ve seen before. You can find a good primer here: https://technet.microsoft.com/en-us/video/dynamic-access-control-demo-wa…
