troubleshooting Question

general information security probity checks

Avatar of Pau Lo
Pau Lo asked on
Windows OSActive DirectoryNetwork SecuritySecurity
8 Comments2 Solutions33 ViewsLast Modified:
We are looking to build in some scheduled probity checks into general information security assurance across our internal network, focusing on network accounts, devices and general permissions.
One of the basic checks that normally highlights problems (and therefore adds value) is checking a list of enabled AD accounts to a list of employees who have left the organization in the past X days/weeks, to flag those whose accounts should have been disabled.
Another basic check has been to check any employees who have changed roles within the company, and were their group memberships updated accordingly, so they no longer have access to shared directories that were only appropriate in their previous role.
Can you think of any more of the basic data security/access/housekeeping probity checks of this nature that you feel would be beneficial and likely to flag issues (common mistakes/misconfigurations in this area etc)? The tests don't have to be limited to Active Directory and file server permissions, but they are often common source of problems so if we could expand the list of 'spot checks' that would be great.

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 2 Answers and 8 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 8 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros