active directory security
The Active Directory is an essential asset of your IS... and yet, the AD is so vulnerable.
Our teams can carry out a complete audit of your AD in order to identify its weaknesses and come up with operational action plans.
AD remediation and hardening actions are generally done following an audit and/or when a customer becomes aware that its AD need more security. A roadmap is defined with the main remediation and hardening actions, which may take the form of several themes:
- Account cleaning (users, privileged machines)
- Implementation of LAPS
- Backup/Restore Policy
- Deployment of the “tiering model” in order to
- compartmentalize activities
- Privileged Accounts are brought under control
- Deployment of PAWs (Privileged Access
- Hardening of DCs and DC Core
- AAD Connect / AAD
Detecting attempted attacks on the AD and its ecosystem via proprietary or open source technology solutions has now become essential, and our consultants can implement such technology and then carry out a skills transfer or they can run a solution after it has been implemented.
However, even with the best technical solutions implemented, the security of the AD can be undermined by poorly defined roles of the people involved in the management of the AD. We can provide a specific support service for AD Governance ; here, the idea is to meet the needs of the current set-up, in a sustainable manner.
As threats evolve in parallel with the IS and the organization centered around the AD, it becomes necessary to set up a “control tower” to monitor and adjust action plans accordingly. The objectives of this annual plan coordination activity are, in particular, to ensure:
- proper execution of operational actions;
- implementation of an effective watch as regards new threats;
- an assessment of the impacts resulting from changes of the IS and of the organization;
- proper management on a daily basis;
- regular updating of action plans.
In order to support your teams, we have ready-made training courses on the topic of the Active Directory according to 2 main themes for technical populations:
- Offensive Security Training for the Active Directory
- Defensive Security Training for the Active Directory
Our Computer Security Incident Response Team (CSIRT) team is also at your disposal; they can respond within a few hours (or sooner) to help contain the damage being done by an ongoing attack.
For organizations that don’t have the ability to maintain advanced skills in regards to AD security, we have a turnkey MSSP Active Directory (Managed Security Services Providers) offer. In other words, you can completely delegate security activities to us.