
Category Archive for 'Security Architecture'

On-prem or Azure

One question that often pops up in my discussions is when to move to Azure. There are many considerations to take into account when it comes to a move to Azure and similar, but from a security perspective it is all about the speed of reactions to a threat. If you have a really tight […]


I was engaged in a minor workshop together with a bunch of security architects to work out a problem: why it was too challenging to implement a new security architecture. No matter the document, workshops etc. they did, nothing stuck. New solutions not following the architecture popped up all over the place and the architects […]


Last month I encountered a strange situation at a customer. I did a security review and deployed a simple log analytics tool to identify where Domain Admins logged on, as we suspected that an intruder was roaming around in the environment. To my customer's fear we more or less instantly saw that the Administrator account […]


As you know if you work in the field of Credential Theft, Tier 0 is the most important thing to protect. With Tier 0 access I pwn a company, to use a security term. The implications from a contractual perspective are seldom considered when a company decides to outsource Tier 0, i.e. their Domain Controllers […]


I might be a bit naïve when it comes to Service Providers but, normally, I would expect contracts to contain just a few clauses regarding intrusions and loss of data, but apparently this is seldom the case. The only thing that is measured is uptime in the SLA and with today's very efficient malware and […]


Following the previous post about consequences when you deploy the identity control plane, we will now focus on the security that you need to apply. The security is to be divided into three parts: Identity management, Device and Identity. The identity is the full definition of the identity to the level you need to be […]


What does it mean to use identity as the control plane? First: this is nothing new. Identity has been used for many years in conjunction with the physical and network control planes. The difference is what emphasis has been put on the different control planes. With the physical control plane, the emphasis lies on the security […]


One of the buzzwords you commonly encounter is ‘Identity is the new control plane’, but what does it mean? The term refers to where you manage access to a resource. In the case of identity it is where you manage identities and their access, in our case Active Directory. But to make it more understandable […]


I love doing presentations and I had the opportunity in southern Europe to present for a few customers my view on how to administer on-prem services. What I presented was Microsoft Secure Privilege Access Roadmap. If you haven't read it, please do. It gives quite some detail on how you should manage the administration tasks […]


SOC for clouds

During a workshop at a customer we started to discuss their SOC. Today it fully manages their on-prem servers and clients, but when asking about their cloud data center (Azure) it turned out that it was not managed at all, besides that the security functions were activated but not used. Getting the security functions in […]
