Feed on
Posts
Comments

Category Archive for 'Security Architecture'

As you know if you work in the field of Credential Theft Tier 0 is the most important thing to protect. With Tier 0 access I pwn a company, to use a security term. The implications from a contractual perspective is seldom considered when a company decides to outsource Tier 0, i.e. their Domain Controllers […]

Read Full Post »

I might be a bit naïve when it comes to Service Provider but, normally, I would expect contracts to contain just a bit of clauses regarding intrusions and loss of data but apparently this is seldom the case. Only thing that is measured is uptime in the SLA and with todays very efficient malware and […]

Read Full Post »

Following the previous post about consequences when you deploy the identity control plane we will now focus on the security that you need to apply. The security is to be divided in three parts: Identity management, Device and Identity. The identity is the full definition of the identity to the level you need to be […]

Read Full Post »

What does it mean to use identity as the control plane? First: this is nothing new. Identity has been used for many years in conjunction with physical and network control plane. The difference is what emphasis that has been put on the different control planes. With physical control plane, the emphasis lies on the security […]

Read Full Post »

One of the buzzwords you commonly encounter is ‘Identity is the new control plane’ but what does it mean? The term refers to where you manage access to a resource. In the case of identity it is where you manage identities and their access, in our case Active Directory. But to make it more understandable […]

Read Full Post »

I love doing presentations and I had the opportunity in southern Europe to present for a few customers my view on how to administer on-prem services. What I presented was Microsoft Secure Privilege Access Roadmap. If you havn´t read it please do. It gives to quite some details how you should manage the administration tasks […]

Read Full Post »

SOC for clouds

During a workshop at a customer we started to discuss their SOC. Today it fully manages their onprem servers and clients but when asking about their cloud data center (Azure) it turned out that it was not managed at all beside that the security functions was activated but not used. Getting the security functions in […]

Read Full Post »

A new datacenter

Azure is a very extensive cloud service that provides several functions and a very short ramp up-time. This is all well and good and it is possible to get a very extensive security in place quickly if you get the right licenses and services. What many companies forget is that Azure is not a fabulous […]

Read Full Post »

IAM is a very strong tool to get in control of your accounts. With an IAM system for all standard users you will quickly protect all standard access and manage all access control. On top of that comes the protection of your privileged accounts and that means more advanced solutions like PAW or ESAE. In […]

Read Full Post »

You have all heard about the layered security approach and probably understood it. Sometimes it just becomes very visible how it works. I recently visited a client in southern Europe where we are delivering a high security project and as part of that project we are working in a secure room, a locked and secured […]

Read Full Post »

Next »