AD Roles: Enterprise Admins and Schema Admins
September 7, 2021
The first domain in an AD forest is unique. There are two groups in this domain that we must be aware of: Enterprise Admins and Schema Admins.
The authority on identity and security in Microsoft
Does securing your business keep you up at night? Sleep better staying in the know – read our experts’ unique takes on trends in cybersecurity.
Protect Your Windows Network from the PetitPotam Exploit
August 23, 2021
The PetitPotam exploit can be used to completely own an environment, with very few prerequisites—but mitigation is within reac
Azure AD Connect Installation Strategies
July 29, 2021
If organizations don’t properly plan the synchronization solution for their cloud identities, which Microsoft calls Azure AD Connect, users will have poor experiences in the cloud. Because identity is central to security in the cloud, it’s critical to properly plan and implement Azure AD Connect.
Where to Host Active Directory FSMO Roles
July 21, 2021
The size and complexity of the organization are critical factors when determining how and where to host FSMO roles.
4 Essential Practices for Automating the Termination of Hybrid Users
July 1, 2021
When an identity from Active Directory (AD) is synchronized with a cloud-based identity platform such as Azure AD, those identities are classified as being hybrid. When user accounts are terminated in an inconsistent manner, certain aspects of the termination process may fall through the cracks, which can result in security risks for an organization.
4 Best Practices for Hybrid Identity Attributes in Active Directory
May 19, 2021
User attributes are important metadata that should be treated with care. Some organizations do not take user attributes seriously enough, which creates problems when the company tries to automate system access.
Benefits of Air-Gapped Active Directory Backups
March 31, 2021
Several high-risk events have recently highlighted the importance of a fully functional and secure Active Directory environment to a company’s business operations.
5 Things to Watch for When Migrating SaaS Applications from AD FS to Azure AD
March 3, 2021
Migrating your Active Directory Federation Services (AD FS) integrated SaaS applications to Azure Active Directory (Azure AD) provides many benefits. For example, Azure AD B2B lets you give your business partners and customers access to your organization’s applications without creating a user account in AD or Azure AD.
How to Mitigate Privilege Escalation with the Tiered Access Model for Active Directory Security
June 2, 2020
One of the most important security controls in an Active Directory (AD) forest is the prevention of privilege escalation paths. The tiered access model for AD introduces a significant number of technical controls that reduce the risk of privilege escalation.
Use Privileged Access Workstations to Mitigate Security Threats in Your Active Directory
June 2, 2020
The workstation an administrator uses to perform privileged tasks such as managing Active Directory (AD) is a high-value target for a potential adversary. By providing administrators with a clean keyboard, PAWs isolate privileged accounts from the risks of a compromised workstation.
