One of the key reasons for introducing ‘Active Directory’ back in 2000 was to help centralize control over resources in your organization. Whilst Active Directory can increase the security of your organization up to a point, you will probably still need to take certain steps to ensure the safety of your AD, especially in today’s climate of data breaches and attacks.
In this whitepaper, I’m going to go through some basic principles you can follow to help secure Active Directory.
- PASSWORD MANAGEMENT
- SMART CARDS
- LOGIN SESSIONS
- LIMIT LOGIN WORKSTATIONS
- LIMIT NUMBER OF DOMAIN ADMINS
- CONFIGURE LOGON HOURS
- AVOID SHARING DOMAIN ADMINS
- DO NOT FORGET DSRM ACCOUNT
- LOCAL ADMINISTRATORS
