3 changes to your Windows network to shutdown lateral movement

I’m sure you’re probably tired of the bombardment of Info-Sec (Information Technology Security) articles and posts telling you that you need something more to fight lateral movement. Do this, do that, buy this, trial that, use this freeware. It is exhausting if you are an IT Pro trying to do the best thing without impacting your budget or users too much. Ransomware and other exploits target lateral movement as a way to get to the privileged accounts on your network. I am not going to list changes that have a big impact on your users like removing local admin rights. You should never allow users to have local admin rights in any production environment and, if you are allowing it, you’re going to spend a lot of time implementing the removal of those rights. Passwords should be long and complex and if you aren’t protecting your log in accounts with lock out policies then you have bigger problems than Ransomware. Patching shouldn’t be talked about because patching isn’t negotiable any more. Do it and don’t ask questions. You shouldn’t be more than 30 days (14 days is better) behind in patching and you should be patching ALL of your third party software in that time frame as well. Instead, I will be talking about things that IT Pros can do that cost very little or nothing at all and have little impact on your users. Most of this will consist of minor configuration changes in Microsoft software including Windows and Office as well as other infrastructure changes related to networking that can yield decent protection rewards. So let’s get to it.

Read More »

Advertisements

How To: Install Office 365 Suite on an RDS server

The process of installing Office 365 on an RDS server is much more complex than just installing from an image or disc. I have done this enough now to have a pretty good process for doing this quickly without any issues. I wanted to share this in an attempt to shortcut the process for all those new Office 365 admins that are not familiar with deploying the suite to an RDS server. I’m sure this process will change as time goes on, (Shocker right?) so feel free to comment when this does not work for you.

Read More »

How To: Track an email to a folder in Powershell

This is a pretty granular blog post. Most of you will probably never use this but I had an incident happen recently where an email had to be found in an Exchange 2013 mailbox that had several hundred folders with rules spraying email everywhere. The search tools in Outlook would not work properly because the mailbox was too big. We had no time to fix the search tools in Outlook. We needed to find where the email was very quickly. Not where it was delivered, where it is right now. This will help you do the same.

Read More »