Experts Exchange

83

Solutions

80

Articles & Videos

275

Contributors

We connect you with people and information to solve problems, inspire learning and influence the future of technology.


Here's how to start interacting with our community through Post.

Expert Comment

by:Daniella Barion
Great suggestions. Good content and discussions on Post can help people. We can all be protagonists and help in the exchange, sharing, discussion, and construction of content and ideas. The content comes from the knowledge of the group that is organized in networks. Learning can occur all the time in any environment.

Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
Here's a look at newsworthy articles and community happenings during the last month.
When asking a question in a forum or creating documentation, screenshots are vital tools that can convey a lot more information and save you and your reader a lot of time.
LVL 66

Expert Comment

by:Jim Horn
^^^ Looks to me like Martin should write an Apple and Skitch specific article on how to make custom screenshots.
LVL 47

Expert Comment

by:Martin Liss
Good idea.
Liquid Web and Plesk discuss how to simplify server management with a single tool in their webinar.
Ready for our next Course of the Month? Here's what's on tap for June.
Invest in your employees with these five simple steps to improve employee engagement and retention.
Check out this step-by-step guide for asking an anonymous question on Experts Exchange.

Expert Comment

by:mikeciszek
Do you have a profile setting - always ask anonymously?
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs of each program we employ. As luck would have it, our days are often spent with other important tasks, leaving us unable to thumb through 300-page guides.


To help Active Directory administrators understand Microsoft’s latest guidance, Skyport Systems hosted a webinar last week that detailed the high-level action items needed to secure Active Directory (AD) in its most recent update.


The main issues they see in companies mitigating AD security issues are threefold: operations, complexity, and cost. Many teams are involved in managing and securing Active Directory, and the complex application has many ports of connection, which raises the cost of implementing best practices and installing programs built specifically to secure this infrastructure.


And why is AD security so important? Easy—AD systems are the central point of authentication for most companies, Bhavik Shah, CISSP at Skyport Systems explained. Cloud based services, internal operations tools, external platforms, all tie back to AD. So if a hacker gains access to AD, they have access to so much more than simple credentials. This is why the system is so heavily targeted. If a hacker owns AD, they own the entire network.


Skyport Systems understands this problem and so does Microsoft. Microsoft has even tried to close the gaps by releasing new tools proven to work.


“But the problem with implementation is there are vague guidelines,” said Shah. “It takes money, expertise, and other programs to successfully secure Active Directory.”


So Skyport took Microsoft's 300 pages and broke them down into something consumable—a phased approach, broken out into buckets of focus in the modern security framework.


Active Directory Hygiene

Shah recommends looking into the existing complexity of hygiene protocols, like whether you’re checking domains frequently enough. He compares this level of security to having a bunch of locks on a door: it isn’t a matter of whether or not the hackers will get in, but how long until they do.


“Hackers will get in quickly if this is the only area of focus,” Shah advised.


Secure Admin Workstation

“This is the biggest gap that I’ve seen as far as what Microsoft is telling you to do and what people are actually doing,” said Shah.


In this gap, there will be no jump server set up between a laptop and its domain controller, meaning credentials are cached locally on the device, sitting in the memory of the laptop. If not addressed, credentials can easily leak into the user environment.


Protect Domain Controller

In this level of security protection, administrators need to only allow ports AD needs to perform its job, protected by a firewall and shielded from the internet. In some cases, administrators may completely wipe AD’s connections and start from scratch to gain the level of protection they desire.


Admin Forest

As the final bucket of the security process, this step requires an effort to segregate credentials into separate forests, with users in different locations than admin credentials and so forth. Shah mentioned this step is usually reserved for large enterprises.


For more detailed information on how to implement these steps of security and how Skyport Systems’ SkySecure product includes hardware and software components to deliver a secure virtualization environment for Active Directory, check out the webinar!




In order to fulfill our mission of inspiring learning in the technology community, Experts Exchange is launching a Course of the Month program. Premium and Team Account members will have access to one course per month as a part of their membership, at no additional charge!

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the many intricate ways privileged accounts can compromise Active Directory environments.


On the subject of “Tracking and Securing Privileged Users in Active Directory”, Derek Melber, technical evangelist for the ADSolutions team at ManageEngine, outlined that number as Microsoft's own observation.


That’s why companies like ManageEngine are working to educate users and provide simple-to-use tools for protecting the popular Active Directory infrastructure.


Melber explained that when companies are breached, they usually aren’t aware of the breach for up to 146 days. That means a hacker can be in your organization with domain administrator credentials, undetected, for 5 months—something Melber appropriately described as a “terrifying level of access.” According to Microsoft’s research timeline, when the first host is compromised (typically a desktop) the admin domain credentials are compromised in two days or less.


So how do companies combat these risks and stay ahead of hackers?


Melber said a great place to start is to follow these 5 steps for tracking and securing privileged credentials:


  1. Run reports on privileged access accounts
  2. Analyze data from these reports
  3. Configure settings
  4. Monitor settings and access
  5. Set up alerts for when access changes


These steps help companies follow the practice of creating a least privileged environment, something ManageEngine believes in. Following this for all endpoints, Melber explained companies can reduce vulnerabilities within Internet Explorer by 100%.


Individual privileged accounts, however, aren’t the only thing to monitor. Melber discussed the importance of following the same protocol with privileged groups. In privileged groups, users have uninhibited access to important files. He gave the example of a privileged group member accessing financial servers and backing up files or folders, regardless of the permissions set on those documents.


In order to audit this activity, tools are needed to run reports and control access. With the right tool, Melber says it’s possible to track access, monitor settings and behaviors, configure password resets, receive real-time alerts, and launch automatic reports.


“It all goes back, unfortunately, to breaches. Attackers are one step ahead of us. Attackers are using configurations against us. We need to flip that around. We need to know who has privileges. We can then help reduce the breaches that are in our environment,” says Melber.


For more details on tips provided in this webinar—or to watch the presentation—click here.


*Please email Derek Melber with any Active Directory questions at derek@manageengine.com


Adults who share images on social media aren’t the only ones who need to worry about their privacy. Our culture’s tendency to share every move and celebration affects the privacy of our children, too.

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organizations using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabilities to a minimum is necessary. This popular system has the ability to both help and hurt corporations.


Recently, Microsoft published a guide containing more than 300 pages on how to keep Active Directory systems safe and secure. While it is a thorough breakdown of all available techniques and best practices, most teams don’t have idle time available to spend thumbing through the document—especially in a moment of critical need.


In response to this, Skyport Systems is hosting a webinar to provide quick, easy-to-implement tips on the best ways to secure the most vulnerable parts of your Active Directory infrastructure. They’ve done the heavy lifting of understanding this document.


Join us Thursday, April 20th, to learn:

  • Easier ways to secure AD based on Microsoft’s guidance
  • How to secure workstations and domain controllers with their SkySecure product
  • How to create an admin/red forest with SkySecure



A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies and corporations that rely heavily on it for housing proprietary information as well as internal connections—but that’s not all.


When you take a system such as AD that’s already a focus of cyber terrorist attention and you add a large number of privileged credentials into the system, the risk only grows. Suddenly, the directory becomes porous with innumerable opportunities for invasion.


In a 2016 Cyberthreat Defense Report, it was discovered that only three out of 10 respondents felt confident in their company’s ability to monitor privileged users. This response raises awareness of the need for secured and limited privileged credentials.


Companies like ManageEngine have seen the damage a high number of credentials can cause within a company, and they’ve set out to teach IT teams and AD technicians how to reduce privileged accounts while protecting the ones that remain.


On April 11th, Derek Melber, technical evangelist for ManageEngine’s ADSolutions team, will be presenting on the topic of tracking and securing credentials in Active Directory.


Join us to learn how to:


  • Create a honeypot Administrator account to track attacks
  • Ensure the built-in Administrator account is secured
  • Monitor activities performed by users that have privileges in Active Directory
  • Reduce membership in privileged groups
  • Be informed when any privileged group changes membership
  • Track changes to service accounts and ensure the highest level of security


Experts Exchange is more than just a Q&A forum. Learn more about the benefits of membership and discover the value for yourself.
Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
EE Question ID
In threads here at EE, each comment has a unique Identifier (ID). It is easy to get the full path for an ID via the right-click context menu. However, we often want to post a short link within a thread rather than the full link. This article shows a technique for doing this with a single keystroke.
LVL 10

Expert Comment

by:Andrew Leniart
Thank you for the clarification Joe.
I'm glad that you were able to understand my examples.
It's actually quite an accomplishment on your part! I guess you could say I'm "programmatically challenged". Whenever I try to understand sample code, all those commands and squiggly } lines start to make the whole page go blurry on me lol.. Your comments beside the commands make it very easy to follow indeed. Will definitely be checking out your other AutoHotkey articles so thanks for the links.

Best..
LVL 54

Author Comment

by:Joe Winograd, EE MVE 2015&2016
Andrew,
Thanks again for the comments. It's extremely helpful for authors to get feedback like that from readers. Regards, Joe
Riverbed Technology's webinar discusses networking for the cloud era with simplified SD-WAN cloud connectivity.

Businesses who process credit card payments have to adhere to PCI Compliance standards. Here’s why that’s important.
In the wake of AWS' S3 outage, we want to discuss the importance of storage and data diversification in the event of a hack, crash, or system disruption. We spoke with Experts Exchange’s COO Gene Richardson for a deeper understanding.
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack in 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthinkable.

February 24, 2017 — On February 23, Tavis Ormandy, a vulnerability researcher at Google, reported on Twitter that CloudFlare, a company that provides internet security, content delivery, and domain name services to more than 2 million websites, has been leaking massive stores of data since September.

Random cyber adversaries have had access to passwords, private messages, API keys, and other sensitive pieces of information from major sites such as FitBit and Uber due to the fact that this leaked information was being cached by search engines.

“In the early hours this morning, Experts Exchange was notified by CloudFlare that our domain was not found in the caches of exposed data during the Cloudbleed situation,” says Phil Phillips, DevOps Director at Experts Exchange.

Specifics of the leak have been laid out in detail by Ormandy on Monorail, an issue tracking site for Chromium-related projects, showing that the leak was originally discovered by him and reported on February 19th.

CloudFlare stated in their press release that the greatest period of consumer impact occurred between February 13-18 with close to “1 in every 3,300,000 HTTP requests” resulting in a possible memory leak.

To be sure of your company’s security, check out the list of domains affected by this leak. If yours is included on the list, immediately begin repair and mitigation
LVL 22

Expert Comment

by:David Atkin
I've used Cloudflare for about a year now. Fortunately none of my sites were subject to the 'Cloudbleed' bug.

You have to admire CloudFlare's transparency with this issue - It's something that they do well. The actual CloudFlare write up is far beyond my understanding but from the layman's point of view, it sounds like the response time for the issue and fix was excellent.

Despite the issue I'm happy to continue using their service.
LVL 1

Expert Comment

by:Mihai Corbuleac
Very transparent, not like Yahoo's recent security breach.
This problem is more common than not and I will show you some things to check to solve this problem.
Each year, investment in cloud platforms grows more than 20% as an increasing number of companies begin to transition to virtual storage and operations. Moving to remote cloud servers comes with many benefits, including three important factors needed as a company grows: scalability, shareability, and a larger communication scope. Cloud operations remove the worry of updating servers if storage needs change or the company expands and moves. Files and documents are also accessible from any location and any device with the right log-in information. 

The rise in popularity of SaaS and PaaS services has a lot to do with new, innovative companies offering customizable solutions to everyday corporate and technology needs, such as lead generation maintenance, process funnels, and payment chains. This sudden popularity, however, not only receives attention from investors and developers, but hackers.

As with any cybercriminal focus, cloud platforms are seen as a land of opportunity because the additional service expands the area available for a hacker’s reach. Before, the only hacking portal may have simply been a server within the company walls. Now, in addition to that server, there are payment processes and client lists lingering in the cloud. When you consider that in 2017 we may see 73%