Our specialists will conduct a security survey of the infrastructure and help ensure a high level of system administration.
«Active Directory Backup and Restore Strategy Design» (5 days)
Data collection using a customized toolset (infrastructure configuration, performance, SLA/OLA requirements).
Deployment of a simulation test environment.
Disaster recovery drills for key disaster scenarios (object corruption, data loss, etc.).
Development of a recommended backup and restore strategy (backup types and schedules based on business requirements and infrastructure capabilities).
Preparing a disaster recovery document (service passport, step-by-step recovery instructions for each scenario).
«Windows Security Assessment» (5 days)
Data collection using a customized toolset from Domain Controllers, the Active Directory database and some important servers and workstations (OS configuration, Active Directory and OS permissions and privileges, privileged account hygiene, checking for common misconfigurations, event logs, operational survey).
Automated analysis of collected data for deviations from industry and vendor best practices in information security.
Deep operational survey to identify existing administration practices in the organization.
Data review and extensive analysis by the engineer.
Prepare and conduct an Executive Summary presentation, provide the detailed technical report and remediation plan.
Knowledge transfer session during the engagement.
«Modern Authentication» (5 days)
Knowledge transfer session on modern information security solutions in Windows environments.
Preparing the action plan and pilot deployment of the following technical measures and administrative practices:
Identifying privileged accounts
Protection of privileged credentials
Restriction and audit of weak authentication protocols
Pilot Windows Hello for Business deployment on a limited set of workstations
Hybrid authentication with Azure AD.
Using Azure AD joined and Azure AD Hybrid joined devices in a corporate environment.
«Modern Administrative Approach» (5 days)
Knowledge transfer session on Windows authentication subsystem weaknesses and modern attack vectors exploiting those weaknesses.
Three-tier administration approach adoption.
Pilot deployment of protected administrative workstations with a choice of approach:
A simpler and affordable approach, which does require small process changes.
A stricter and more complete approach, requiring changes in multiple processes and administrative approaches.
Dedicated administrative forest in a test environment.
«Restricted runspaces» (5 days)
A set of ransomware counteraction measures and restriction of unwanted applications.
Lateral movement attack counteractions to mitigate the risk of easy compromise of an entire workstation group.
Development of a quick reconfiguration process for protected workstations, for a quick response to software updates.
Deployment of Local Administrator Password Solution (LAPS) and a LAPS extension which resolves the main limitations of LAPS.