Beware the tools that can bring risk to a Windows network
- by nlqip
Limit access and federation between on-prem and cloud
One should limit access and federation between on-premises and cloud assets where one can. Yes, we’ve built up reliance on this ability to share data and authentication between cloud assets and on-premises, but too often it’s also introducing weaknesses.
A recent ProPublica article claims that a whistleblower pointed out these risks to Microsoft years before attacks based on them occurred. While the SolarWinds supply chain attacks were the entry points, it was misuse of Active Directory Federation Services that allowed attackers to gain more access. Thus understand the risk involved and add more monitoring resources to review authentication processes.
Finally, if you’ve been a customer of Microsoft 365 for a while, and you haven’t reviewed your security defaults and settings, it’s now time to review those settings. From Microsoft to the Center for Internet Security, various entities have updated and revised benchmarks over the years. Some benchmarks have more manual steps and some are more automated.
Source link
lol
Limit access and federation between on-prem and cloud One should limit access and federation between on-premises and cloud assets where one can. Yes, we’ve built up reliance on this ability to share data and authentication between cloud assets and on-premises, but too often it’s also introducing weaknesses. A recent ProPublica article claims that a whistleblower…
Recent Posts
- Tenable Selected by Bank of Yokohama to Secure its Active Directory and Eliminate Attack Paths
- CISA warns of actively exploited Apache HugeGraph-Server bug
- Suspects behind $230 million cryptocurrency theft arrested in Miami
- Ivanti Says ‘Critical’ Cloud Gateway Vulnerability Seeing Exploitation
- Microsoft Edge will flag extensions causing performance issues