Microsoft released a detailed technical reference document, "Best Practices for Securing Active Directory."
It provides a practitioner’s perspective and contains a set of practical techniques to help IT executives protect an enterprise Active Directory environment.
The methods discussed are based largely on the Microsoft Information Security and Risk Management (ISRM) organization’s experience, which is accountable for protecting the assets of Microsoft IT and other Microsoft Business Divisions, in addition to advising a selected number of Microsoft Global 500 customers.
Key tenets of this paper are understanding the avenues for establishing a healthy Active Directory, implementing monitoring systems, actions to reduce the attack surface, and managing a resilient environment.
This risk-based approach assumes that the corporate infrastructure, and more specifically the Active Directory, is a critical target. With this mindset, resiliency and recovery become critical components of an Active Directory protection program.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.