How's Your Hygiene?

Sadly we have seen money siphoned from companies and massive losses in productivity due to Ransomware, one question we have been asking lately is, “how is your Active Directory hygiene?”  It doesn’t come as a surprise that in the fast pace of operating an enterprise ecosystem and the operational tasks that are required each day  that AD hygiene is getting overlooked.  The continuous turnover of staff, admin rights being issued and not monitored, and the proliferation of service accounts being used by third party applications/vendors is introducing risk.  Time is needed for upkeep of your most vulnerable infrastructure; the cleansing process needs attention on the priority list.

As we analyze the anatomy of a Ransomware attack, the common theme that we see is success by threat actors escalating through the MITRE ATT&CK matrix unabated.   Actionable steps are important and that is where AD hygiene will play an important pre-emptive role.  Escalation of privileges by threat actors is critical to disrupt, and AD hygiene can dramatically limit the attack surface and either prevent/delay the dreaded end game intended by the threat actor by eliminating the escalation of privileges through AD hygiene.  Attacks are going to happen, but controlling the controllables through AD hygiene will enable your other tools in the security stack to, “Do Their Job”.

Here is a list of items we are thinking about when it comes to your AD hygiene posture and the key role it plays in the journey to a Zero Trust model.

  • Do you enforce any type of password policy?
  • Have any of your account passwords been compromised on the darkweb?
  • Do you have any service accounts that are no longer needed?
  • Do you have a handle on stealthy admins, privileged and stale accounts?
  • How is RDP/remote access used within your environment and do you enforce any type of conditional access when using remote access services?

Secure IT Now

Get Started

About IOvations

IOvations provides enterprises across the eastern United States with network security, data security, cloud security, and host-based security solutions that are practical and relevant to your business risk profile. With a staff of IT security experts and over 100 years of combined experience, IOvations can help you span the IT lifecycle with a complete security engagement plan that will deliver best-in-class solutions and practices for network security, data security, cloud security, and host-based security requirements.