Share tech news, updates, or what's on your mind.

Sign up to Post

[Webinar] Cloud Killed the Firewall
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk the cloud can bring to company infrastructure. The more cloud applications we add, the greater the number of vulnerable entrypoints. Most basic firewalls can't keep up.

In this webinar, Skyport Systems explains how legacy DMZ architectures cannot accommodate this highly agile, cloud-connected enterprise, and how companies can create new security policies to adapt to this shift. View the video to learn how to make your enterprise "cloud ready."
0
Let's recap what we learned from yesterday's Skyport Systems webinar.
1
[Webinar] How Hackers Steal Your Credentials and Why Active Directory Must be Secure to Stop Them
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can result in an oversight, leaving weak spots in our system exposed to the outside world. The most often overlooked weak spot? Credentials.

In this webinar, we're shown how to step out of our existing roles and mindsets and step into those of a hacker looking for AD credentials. You'll see where credentials are stored and how improper monitoring can weaken security and make it easier for hackers to gain access to your database.

View the webinar to learn how to mitigate credential issues and vulnerabilities by locking down admin credentials for good.
0

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs of each program we employ. As luck would have it, our days are often spent with other important tasks, leaving us unable to thumb through 300-page guides.


To help Active Directory administrators understand Microsoft’s latest guidance, Skyport Systems hosted a webinar last week that detailed the high-level action items needed to secure Active Directory (AD) in its most recent update.


The main issues they see in companies mitigating AD security issues are threefold: operations, complexity, and cost. Not only are there so many teams involved in managing and securing active directory, but the complex application has many ports of connection, raising cost to implement best practices and install programs built to specifically secure this infrastructure.


And why is AD security so important? Easy—AD systems are the central point of authentication for most companies, Bhavik Shah, CISSP at Skyport Systems explained. Cloud based services, internal operations tools, external platforms, all tie back to AD. So if a hacker gains access to AD, they have access to so much more than simple credentials. This is why the system is so heavily targeted. If a hacker owns AD, they own the entire network.


Skyport Systems understands this problem and so does Microsoft. Microsoft has even tried to close the gaps by releasing new tools proven to work.


“But the problem with implementation is there are vague guidelines,” said Shah. “It takes money, expertise, and other programs to successfully secure Active Directory.”


So Skyport took Microsoft's 300 pages and broke it down into something consumable—a phased approach, broken out into buckets of focus into the modern security framework.


Active Directory Hygiene

Shah recommends looking into existing complexity of hygiene protocols, like whether you’re checking domains frequently enough. He compares this level of security to having a bunch of locks on a door, and that it isn’t a matter of whether or not the hackers will get in, but how long until they do.


“Hackers will get in quickly if this is the only area of focus,” Shah advised.


Secure Admin Workstation

“This is the biggest gap that I’ve seen as far as what Microsoft is telling you to do and what people are actually doing,” said Shah.


In this gap, there will be no jump server set up between a laptop and its domain controller, meaning credentials are cached locally on the device, sitting in the memory of the laptop. If not addresses, credentials can easily leak into the user environment.


Protect Domain Controller

In this level of security protection, administrators need to only allow ports AD needs to perform its job, protected by a firewall and shielded from the internet. In some cases, administrators may completely wipe AD’s connections and start from scratch to gain the level of protection they desire.


Admin Forest

As the final bucket of the security process, this step requires an effort to segregate credentials into separate forests, with users in different locations than admin credentials and so forth. Shah mentioned this step is usually reserved for large enterprises.


For more detailed information on how to implement these steps of security and how Skyport System’s SkySecure product includes hardware and software components to deliver a secure virtualization environment for Active Directory, check out the webinar!



3
[Webinar] Secure Your Active Directory
Are you ready to implement Active Directory best practices without reading 300+ pages?

You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest ways to secure your Active Directory environment. Companies like Skyport Systems understand the critical role Active Directory plays in a company's IT infrastructure, and that securing it against vulnerabilities and hackers is essential to operational success.

Watch the video to learn:
  • Easier ways to secure AD based on Microsoft’s guidance
  • How to secure workstations and domain controllers with their SkySecure product
  • How to create an admin/red forest with SkySecure
5
Skyport Systems - What We Do
Why Skyport?
0

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabilities to a minimum is necessary. This popular system has the ability to both help and hurt corporations.


Recently, Microsoft published a guide containing more than 300 pages on how to keep Active Directory systems safe and secure. While a thorough breakdown of all available techniques and best practices, most teams don’t have idle time available to spend thumbing through the document—especially in a moment of critical need.


In response to this, Skyport Systems is hosting a webinar to provide quick, easy-to-implement tips on the best ways to secure the most vulnerable parts of your Active Directory infrastructure. They’ve done the heavy lifting of understanding this document.


Join us Thursday, April 20th, to learn:

  • Easier ways to secure AD based on Microsoft’s guidance
  • How to secure workstations and domain controllers with their SkySecure product
  • How to create an admin/red forest with SkySecure


Register Now


0
If you missed the Skyport System Active Directory webinar, you can see the recorded version here.

https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html
5
[Webinar] Is Your Active Directory as Secure as You Think?
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks is to conduct regular penetration tests. However, most organizations don’t have the resources for this, and simply assume their environment is secure enough.

Many experts, like Ascent Solutions and Skyport Systems, know that “secure enough” isn’t really enough and have taken strides to identify the attack vectors and establish best practice mitigation guidance.

Howard Friedman from Ascent Solutions, Russell Rice of Skyport Systems, and Gene Richardson from Experts Exchange hosted a webinar to showcase:

  • How to gain confidence that your environment will survive a penetration test and be safeguarded against an actual attack
  • The threat model for Microsoft Active Directory domain controllers and its importance
  • Common attack vectors and best practice security techniques
  • How to comply with advanced guidance and mitigate many attack vectors

You may not of been able to ask your question during the live webinar, but you can keep the conversation going! Ask your question now!
5

Skyport Systems

67 Followers

Skyport Systems delivers the industry’s first inherently secure, hyper-converged platform that simplifies IT infrastructure by converging compute, virtualization, networking and storage onto a single appliance without sacrificing security or performance. Our cloud managed, on-prem solution provides IT organizations more control and flexibility, while saving time and resources with streamlined and automated operations, ultimately, putting the power of the infrastructure in the hands of the application owner.

Nick GiampaSkyport Systems
Demi BattagliaSkyport Systems
Skyport SystemsSkyport Systems