Fixing the Bad for the Good!

Presented by

Jorge De Almeida Pinto | Lead Identity/Security Consultant at IAMTEC

About this talk

Active Directory (AD) has been around for about 2 decades, and many organizations started using it as soon as it became available, some even earlier. Especially large orgs have Identity Management systems to manage the lifecycle of identities somehow (user accounts, service accounts, computer accounts, other account purposes). AD has evolved and with every new release of the OS, it became more secure. However, that does not mean you are automatically using all of the most secure account settings. It also does not mean you automatically stopped using the least secure account settings. What about passwords? Are your users using weak or compromised passwords, and how do you know? Do users own multiple accounts and are they sharing passwords across accounts they own, and how do you know? Weak settings and passwords (i.e. bad account hygiene) are what the bad guys need to take over your systems, accounts and ultimately your AD through e.g. "lateral movement". Even with large orgs and/or well managed ADs, you'll be surprised of what you will see when you dig in. Although the best option is to go passwordless, or at least decrease password usage, that may not be a viable option for all orgs. So what can you do about all of this? Please join me in this session where I will explain what can be done from a technical and process perspective.

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (97)
Subscribers (2650)
Semperis is the pioneer of identity-driven cyber resilience for cross-cloud and hybrid environments. The company provides cyber preparedness, incident response, and disaster recovery solutions for enterprise directory services—the keys to the kingdom. Semperis’ patented technology for Microsoft Active Directory protects over 40 million identities from cyberattacks, data breaches, and operational errors. Semperis is headquartered in New York City and operates internationally, with its research and development team distributed between San Francisco and Tel Aviv. Semperis hosts the award-winning Hybrid Identity Protection conference. The company has received the highest level of industry accolades; most recently being named Best Business Continuity / Disaster Recovery Solution by SC Magazine’s 2020 Trust Awards. Semperis is accredited by Microsoft and recognized by Gartner. Join our next HIP Conference: https://bit.ly/3q6JUbD