
Presented by: CMS Consulting Inc. Visit us online at



Presentation on theme: "Presented by: CMS Consulting Inc. Visit us online at"— Presentation transcript:

1 Presented by: CMS Consulting Inc. Visit us online at http://www.cms.ca

2 The contents of this presentation are the property of CMS Consulting Inc. No portion, in whole or in part can be used without the express written consent of CMS. You may email brian@cms.ca for permission to re-post or re-use any of this content.

3 Brian Bourne
CMS Consulting Inc., President
Toronto Area Security Klatch, Co-Founder
Black Arts Illuminated Inc., Director
Fancy Credentials: CISSP, MCT, MCSE:Security

4 Microsoft Infrastructure and Security Experts
Active Directory - Windows Server - Exchange - SMS - ISA - MOM - Clustering - Office - Desktop Deployment - SQL - Terminal Services - Security Assessments - Lockdown - Wireless
Training by Experts for Experts: MS Infrastructure - Security - Vista and Office Deployment
Visit us online: www.cms.ca (Downloads - Resources - White Papers)
For Security Solutions - For Advanced Infrastructure - For Network Solutions - For Information Worker - For Mobility Solutions

5 Top 10 Security Mistakes: based on the results of numerous health check and assessment service offerings.
Top 10 Areas for Security Improvement: based on feedback from the consulting team at CMS.

6 This is painfully obvious and still a problem at every customer. Problems include:
Poor policy, or poor policy enforcement
Password re-use (e.g. FileMaker password = domain password = banking password)
User training: did you know a simple sentence is complex? "My first born is Grant." (upper case, lower case and punctuation already satisfy the three-category Windows complexity rule, and it is far longer than eight characters)
Password storage

7 Typical issues:
No inventory of software and hardware (no idea what to patch)
No reporting of patch status or deployment
Legacy software that's simply unpatchable
Software that followed the "deploy and forget" methodology
Remember: all software and hardware needs patching, not just Microsoft. Especially security products!
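The first two issues on this slide (no inventory, no patch-status reporting) are the ones a script can fix. The following is an added example, not from the CMS deck: it collects installed applications, hotfixes and OS version from a list of hosts and flags hosts whose newest hotfix is older than 60 days. The host names, the 60-day threshold and the output path are assumptions; it needs PowerShell remoting to the targets and a reasonably current PowerShell (Get-CimInstance), not the 2003-era tooling the deck predates.

```powershell
# Added example (not from the deck): build a software + hotfix inventory so you
# know what needs patching. Host list is a placeholder (assumption): feed it from
# AD, your CMDB or a network scan, never from memory.
$Computers = @('SRV01', 'SRV02')

# Installed applications come from the Uninstall registry keys. Win32_Product is
# deliberately avoided: it is slow and triggers MSI consistency repairs on every query.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$Report = foreach ($Computer in $Computers) {
    try {
        Invoke-Command -ComputerName $Computer -ArgumentList (,$UninstallKeys) -ErrorAction Stop -ScriptBlock {
            param($Keys)
            $os = Get-CimInstance -ClassName Win32_OperatingSystem

            # One row for the OS itself; LastBootUpTime matters because a host that
            # never reboots never finishes installing its patches.
            [pscustomobject]@{
                Computer = $env:COMPUTERNAME; Type = 'OS'
                Name = $os.Caption; Version = $os.Version; Installed = $os.LastBootUpTime
            }

            # One row per installed application
            Get-ItemProperty -Path $Keys -ErrorAction SilentlyContinue |
                Where-Object { $_.DisplayName } |
                ForEach-Object {
                    [pscustomobject]@{
                        Computer = $env:COMPUTERNAME; Type = 'Application'
                        Name = $_.DisplayName; Version = $_.DisplayVersion; Installed = $_.InstallDate
                    }
                }

            # One row per hotfix / update
            Get-HotFix | ForEach-Object {
                [pscustomobject]@{
                    Computer = $env:COMPUTERNAME; Type = 'Hotfix'
                    Name = $_.HotFixID; Version = $_.Description; Installed = $_.InstalledOn
                }
            }
        }
    } catch {
        # An unreachable host is a finding in its own right: you cannot patch what you cannot inventory.
        [pscustomobject]@{
            Computer = $Computer; Type = 'Error'
            Name = $_.Exception.Message; Version = $null; Installed = $null
        }
    }
}

# Full inventory for the records...
$Report | Export-Csv -Path .\patch-inventory.csv -NoTypeInformation

# ...and the report that actually gets read: hosts whose newest hotfix is stale.
$Report | Where-Object { $_.Type -eq 'Hotfix' -and $_.Installed } |
    Group-Object Computer |
    ForEach-Object {
        $latest = ($_.Group | Sort-Object Installed -Descending | Select-Object -First 1).Installed
        [pscustomobject]@{
            Computer     = $_.Name
            LatestHotfix = $latest
            Stale        = ($latest -lt (Get-Date).AddDays(-60))
        }
    } | Format-Table -AutoSize
```

The "Application" rows are the part that answers the slide's other reminder: non-Microsoft software and the security products themselves show up there with a version, which is what you compare against the vendor's current release.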

8 Everyone, Full Control, Everywhere. Anonymous is part of Everyone! (On Windows 2000 the Everyone SID includes anonymous logons; on XP and 2003 it does not unless the "Network access: Let Everyone permissions apply to anonymous users" policy has been enabled.)
Simple rules:
Permissions are cumulative, except Deny wins. (Strictly: ACEs are evaluated in canonical order, explicit before inherited, so an explicit Allow on the object beats a Deny inherited from a parent. The practical rule stands: Deny ACEs make effective permissions hard to reason about, so remove the bad Allow instead of adding a Deny.)
Never grant permissions to users. Grant to groups.
Avoid upgrading W2K in place. Install W2K3 fresh.
Use security templates and group policy to set and maintain security.
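Finding "Everyone, Full Control, Everywhere" by hand on a file server is hopeless; the following added example (not the deck's code) walks a share root, reports every non-inherited Allow ACE that gives a broad principal Full Control, and shows how to replace such an ACE with a group-based grant. The share root, the replacement group name and the Modify right chosen for that group are assumptions. It runs as a dry run unless -Commit is given.

```powershell
# Added example (not from the deck): audit and fix broad Full Control ACEs.
$Root  = 'D:\Shares'                # assumption: your share root
$Group = 'CORP\FileShare-Editors'   # assumption: a group, never an individual user

# Principals that should essentially never hold Full Control on data
$Broad = @('Everyone', 'NT AUTHORITY\ANONYMOUS LOGON', 'NT AUTHORITY\Authenticated Users', 'BUILTIN\Users')

function Find-BroadFullControl {
    param([string]$Path)
    Get-ChildItem -Path $Path -Directory -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $acl = Get-Acl -Path $_.FullName
            foreach ($ace in $acl.Access) {
                $id = $ace.IdentityReference.Value
                # ToString() lists the flag names; a raw generic right (e.g. 268435456 = GENERIC_ALL)
                # would show as a number, so treat a bare number as suspicious too.
                $rights = $ace.FileSystemRights.ToString()
                if ($ace.AccessControlType -eq 'Allow' -and $Broad -contains $id -and
                    ($rights -match 'FullControl' -or $rights -match '^\d+$')) {
                    [pscustomobject]@{
                        Path      = $_.FullName
                        Identity  = $id
                        Rights    = $rights
                        Inherited = $ace.IsInherited   # inherited ACEs must be fixed where they are defined
                    }
                }
            }
        }
}

function Repair-BroadAce {
    param([string]$Path, [string]$Identity, [string]$ReplacementGroup, [switch]$Commit)
    $acl = Get-Acl -Path $Path
    # Only explicit ACEs can be removed here; RemoveAccessRule on an inherited ACE is a no-op.
    $bad = $acl.Access | Where-Object { $_.IdentityReference.Value -eq $Identity -and -not $_.IsInherited }
    if (-not $bad) { return }
    foreach ($ace in $bad) { [void]$acl.RemoveAccessRule($ace) }

    # Replace with an Allow for a group. Do NOT "fix" Everyone by adding a Deny: the Allow
    # stays in place and the resulting effective permissions become a puzzle.
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList `
        $ReplacementGroup, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow'
    $acl.AddAccessRule($rule)

    if ($Commit) { Set-Acl -Path $Path -AclObject $acl }
    else { Write-Host "DRY RUN: would replace '$Identity' with '$ReplacementGroup' (Modify) on $Path" }
}

$findings = Find-BroadFullControl -Path $Root
$findings | Format-Table -AutoSize

# Fix the explicit ones; the inherited ones disappear once their parent is fixed.
foreach ($f in $findings | Where-Object { -not $_.Inherited }) {
    Repair-BroadAce -Path $f.Path -Identity $f.Identity -ReplacementGroup $Group
}
```

Run it once without -Commit, read the dry-run lines, then run again with -Commit on a test tree before the real shares. The replacement right (Modify rather than Full Control) is deliberate: Full Control lets members rewrite the ACL, which is how "Everyone, Full Control" spreads in the first place.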

9 No one seems to follow the rule of least privilege.
Enumerate the following groups: Enterprise, Domain and Schema Administrators; Server, Print and Backup Operators.
Service accounts need special treatment: a separate OU with GPOs limiting their rights.
Where admin rights on a server are really needed, use that machine's local "Administrators" group, not DA or EA!
Use OUs and delegate the required administrative functions.

10 Please don't use a DA account for day-to-day activity. Better yet, don't use a DA account from anything but a designated, high-security administrative workstation (think about keyloggers when you log in from an untrusted machine: the credential is exposed wherever it is typed).
Guard EA accounts!
Don't share the Administrator password. At minimum, you want some level of non-repudiation: if everyone uses the same account, the audit log cannot tell you who did what.
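The enumeration the previous slide asks for, and the shared-Administrator problem this one raises, are both answered by one report. The following added example (not the deck's code) expands the privileged groups recursively, flags members that look like service accounts or that live outside the admin OU, and checks whether the built-in Administrator (RID 500) is still being logged on with. It needs the ActiveDirectory module from RSAT; the admin OU distinguished name and the one-year password-age threshold are assumptions.

```powershell
# Added example (not from the deck): who really holds privileged group membership?
Import-Module ActiveDirectory
$AdminOU = 'OU=Tier0-Admins,DC=corp,DC=example'   # assumption: your designated admin OU

$Privileged = @(
    'Enterprise Admins', 'Domain Admins', 'Schema Admins', 'Administrators',
    'Server Operators', 'Print Operators', 'Backup Operators', 'Account Operators'
)

function Get-PrivilegedMembers {
    foreach ($g in $Privileged) {
        # Enterprise Admins and Schema Admins exist only in the forest root domain
        $group = Get-ADGroup -Filter "Name -eq '$g'" -ErrorAction SilentlyContinue
        if (-not $group) { continue }

        # -Recursive expands nested groups, which is where surprise members usually hide
        Get-ADGroupMember -Identity $group -Recursive |
            Where-Object { $_.objectClass -eq 'user' } |
            Get-ADUser -Properties PasswordNeverExpires, PasswordLastSet, LastLogonDate, ServicePrincipalName, Enabled |
            ForEach-Object {
                [pscustomobject]@{
                    Group                = $g
                    Account              = $_.SamAccountName
                    Enabled              = $_.Enabled
                    LastLogon            = $_.LastLogonDate
                    PasswordLastSet      = $_.PasswordLastSet
                    PasswordNeverExpires = $_.PasswordNeverExpires
                    # An SPN or a non-expiring password usually means a service account
                    LooksLikeService     = ([bool]$_.ServicePrincipalName) -or $_.PasswordNeverExpires
                    OutsideAdminOU       = -not $_.DistinguishedName.EndsWith($AdminOU, [StringComparison]::OrdinalIgnoreCase)
                }
            }
    }
}

$Report = Get-PrivilegedMembers
$Report | Sort-Object Group, Account | Format-Table -AutoSize

# Findings worth a ticket: service accounts in DA/EA, admins outside the admin OU,
# and privileged accounts whose password has not changed in over a year.
$Report | Where-Object {
    $_.LooksLikeService -or $_.OutsideAdminOU -or $_.PasswordLastSet -lt (Get-Date).AddYears(-1)
} | Export-Csv -Path .\privileged-findings.csv -NoTypeInformation

# Non-repudiation check: the built-in Administrator is always RID 500, whatever it was renamed to.
$builtin = Get-ADUser -Identity "$((Get-ADDomain).DomainSID.Value)-500" -Properties LastLogonDate, PasswordLastSet
if ($builtin.LastLogonDate -gt (Get-Date).AddDays(-30)) {
    Write-Warning ("Built-in Administrator '{0}' was used on {1}: someone is working with the shared account." -f
        $builtin.SamAccountName, $builtin.LastLogonDate)
}
```

Run this from the forest root so that Enterprise Admins and Schema Admins are included, and diff the CSV against last month's: a new name in Domain Admins that nobody remembers adding is exactly the kind of thing the slide means by "enumerate".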

11 The most commonly installed and unneeded service? Any guesses? (IIS)
Reduce the attack surface!
Define role-based templates.
Test, test, test.
Enforce by GPO!
Good guide to understanding services: http://www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/prodspecs/win2ksvc.mspx
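A role-based template is only useful if something compares servers against it. The following added example (not the deck's code) does that: it lists a server's auto-start and running services, reports everything not in the baseline for its role, names the usual suspects (IIS and friends) explicitly, and disables them. The baselines here are deliberately short illustrations, an assumption; a real one is captured from a clean build of each role and will contain many more core Windows services than shown.

```powershell
# Added example (not from the deck): compare services against a role baseline.
# Baselines are trimmed placeholders (assumption): generate yours from a clean install.
$Baseline = @{
    'DomainController' = @('ADWS','DFSR','DNS','Dnscache','EventLog','kdc','LanmanServer',
                           'LanmanWorkstation','Netlogon','NTDS','RpcSs','W32Time','wuauserv')
    'FileServer'       = @('Dnscache','EventLog','LanmanServer','LanmanWorkstation','RpcSs','W32Time','wuauserv')
}

# Services that are almost never wanted on a server: called out by name in the report
$KnownRisky = @{
    'W3SVC'          = 'IIS web server'
    'IISADMIN'       = 'IIS admin service'
    'MSFTPSVC'       = 'IIS FTP'
    'SMTPSVC'        = 'IIS SMTP'
    'TlntSvr'        = 'Telnet server'
    'RemoteRegistry' = 'Remote registry'
    'Messenger'      = 'Messenger (net send)'
}

function Compare-ServiceBaseline {
    param([string]$ComputerName = $env:COMPUTERNAME, [Parameter(Mandatory)][string]$Role)
    if (-not $Baseline.ContainsKey($Role)) { throw "No baseline defined for role '$Role'" }

    # Anything set to start automatically, or running right now, is attack surface
    $services = Get-CimInstance -ClassName Win32_Service -ComputerName $ComputerName |
        Where-Object { $_.StartMode -eq 'Auto' -or $_.State -eq 'Running' }

    foreach ($s in $services) {
        if ($Baseline[$Role] -contains $s.Name) { continue }
        $note = if ($KnownRisky.ContainsKey($s.Name)) { $KnownRisky[$s.Name] } else { 'not in role baseline' }
        [pscustomobject]@{
            Computer  = $ComputerName
            Service   = $s.Name
            Display   = $s.DisplayName
            State     = $s.State
            StartMode = $s.StartMode
            Account   = $s.StartName     # services running as LocalSystem deserve a second look
            Note      = $note
        }
    }
}

$Findings = Compare-ServiceBaseline -Role 'DomainController'
$Findings | Format-Table -AutoSize

# Remediate the known-risky ones on this host (test first!). To keep them off, set the same
# services to Disabled in the role GPO: Computer Configuration > Windows Settings >
# Security Settings > System Services, which re-applies the state on every policy refresh.
foreach ($f in $Findings | Where-Object { $KnownRisky.ContainsKey($_.Service) }) {
    Stop-Service -Name $f.Service -Force -ErrorAction SilentlyContinue
    Set-Service  -Name $f.Service -StartupType Disabled
}
```

The "test, test, test" line on the slide applies to the baseline itself: run the comparison in report-only mode across a whole role first, because a service missing from your template is far more common than a genuine rogue service.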

12 How will we ever know if something happens? How will we ever be able to piece together "the crime scene" without any evidence?
Audit only what's important (auditing everything buries the events you need and rolls the log over sooner).
Think beyond Windows events: applications, firewalls, switches, etc.
Consider log shipping also, so an attacker who owns the box cannot quietly clear the local log.
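"Audit only what's important" and "consider log shipping" fit in one script. The following added example (not the deck's code) pulls a short list of high-value Security-log events from a domain controller and forwards each as a syslog line over UDP to a collector. The event IDs are the Vista/2008-and-later ones (the deck's era used the 5xx/6xx equivalents); the collector address, port and the 24-hour window are assumptions.

```powershell
# Added example (not from the deck): ship only the events that matter.
$Collector = '10.0.0.50'   # assumption: your log collector
$Port      = 514           # assumption: plain UDP syslog

# A deliberately short list: account lifecycle, privileged group changes, lockouts,
# and the two events an attacker produces when covering tracks.
$HighValue = @{
    4720 = 'user account created'
    4726 = 'user account deleted'
    4728 = 'member added to global security group'
    4732 = 'member added to local security group'
    4756 = 'member added to universal security group'
    4740 = 'account locked out'
    4719 = 'system audit policy changed'
    1102 = 'audit log cleared'
}

function Get-HighValueEvents {
    param([string]$ComputerName = $env:COMPUTERNAME, [datetime]$Since = (Get-Date).AddHours(-24))
    Get-WinEvent -ComputerName $ComputerName -FilterHashtable @{
        LogName = 'Security'; Id = [int[]]$HighValue.Keys; StartTime = $Since
    } -ErrorAction SilentlyContinue | ForEach-Object {
        [pscustomobject]@{
            Time     = $_.TimeCreated
            Computer = $_.MachineName
            Id       = $_.Id
            What     = $HighValue[$_.Id]
            # First event property: target account for 472x, member DN for 47xx group
            # changes, subject SID for 1102. Good enough for a one-line summary.
            Subject  = ($_.Properties | Select-Object -First 1).Value
            Message  = ($_.Message -split "`r?`n")[0]
        }
    }
}

function Send-Syslog {
    param([string]$Server, [int]$Port, [string]$Message, [int]$Facility = 4, [int]$Severity = 5)
    # RFC 3164-style line: <PRI>TIMESTAMP HOST MSG, where PRI = facility*8 + severity
    # (facility 4 = security/auth, severity 5 = notice)
    $pri  = $Facility * 8 + $Severity
    $line = "<$pri>$(Get-Date -Format 'MMM dd HH:mm:ss') $env:COMPUTERNAME $Message"
    $udp  = New-Object System.Net.Sockets.UdpClient
    try {
        $bytes = [System.Text.Encoding]::ASCII.GetBytes($line)
        [void]$udp.Send($bytes, $bytes.Length, $Server, $Port)
    } finally { $udp.Close() }
}

$events = Get-HighValueEvents
$events | Format-Table Time, Id, What, Subject -AutoSize

foreach ($e in $events) {
    Send-Syslog -Server $Collector -Port $Port -Message (
        'EventID={0} {1} subject="{2}" on {3}' -f $e.Id, $e.What, $e.Subject, $e.Computer)
}
```

Plain UDP syslog is fine for a demonstration of the idea and is what many 2007-era collectors spoke, but it is unauthenticated and lossy; for the "crime scene" the slide is worried about, ship over TCP/TLS or Windows Event Forwarding so the copy off the box is one the attacker cannot forge or drop.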

13 System State on all FSMO role holders. Critical data everywhere else.
Remember to test procedures with restores.
Consider encryption/password protection to prevent unauthorized restores (a System State backup contains the AD database, and with it every password hash in the domain).
Offsite storage, secured fireproof vault.
Part of a larger Disaster Recovery plan.
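The first line of the slide needs two facts: which DCs hold FSMO roles right now, and whether a System State backup actually ran on each. The following added example (not the deck's code) discovers the role holders across the forest, runs wbadmin on each, and lists the resulting backup versions. The backup target drive is an assumption; it needs the ActiveDirectory module, PowerShell remoting to the DCs, and the Windows Server Backup feature installed on them (the deck's W2K3 era used ntbackup instead).

```powershell
# Added example (not from the deck): System State backups on every FSMO role holder.
Import-Module ActiveDirectory
$Target = 'E:'   # assumption: a dedicated local disk on each DC

function Get-FsmoHolders {
    $forest  = Get-ADForest
    # Two forest-wide roles, three per domain; one DC often holds several, hence -Unique
    $holders = @($forest.SchemaMaster, $forest.DomainNamingMaster)
    foreach ($d in $forest.Domains) {
        $dom = Get-ADDomain -Identity $d
        $holders += $dom.PDCEmulator, $dom.RIDMaster, $dom.InfrastructureMaster
    }
    $holders | Sort-Object -Unique
}

function Backup-SystemState {
    param([string]$ComputerName, [string]$BackupTarget)
    Invoke-Command -ComputerName $ComputerName -ScriptBlock {
        # -quiet suppresses the confirmation prompt; exit code 0 means the backup completed
        $targetArg = "-backupTarget:$using:BackupTarget"
        $out = & wbadmin.exe start systemstatebackup $targetArg -quiet 2>&1
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            ExitCode = $LASTEXITCODE
            Output   = ($out | Select-Object -Last 3) -join ' '
        }
    }
}

$holders = Get-FsmoHolders
$results = foreach ($dc in $holders) { Backup-SystemState -ComputerName $dc -BackupTarget $Target }
$results | Format-Table -AutoSize

# A backup nobody has restored is a hope, not a backup: list what wbadmin knows about on
# each DC so the restore drill (in an isolated lab forest, not production) has something to use.
foreach ($dc in $holders) {
    Invoke-Command -ComputerName $dc -ScriptBlock {
        & wbadmin.exe get versions "-backupTarget:$using:Target"
    }
}
```

wbadmin itself does not encrypt what it writes, so the slide's point about unauthorized restores has to be met elsewhere: restrict the target volume's ACL to the backup operators, encrypt it (BitLocker, or the vault's own controls once the media is offsite), and treat the backup media with the same care as the DC.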

14 For IT staff: security architecture, secure operating procedures, understanding of attack methods, defence-in-depth techniques.
For all staff: awareness training, email and Internet usage, social engineering awareness.

15 Have a plan and have training! DO NOT: touch the computer, delete files, or frankly react in any way without a carefully thought-out and professionally approved plan!

16 Things People Need to Think More About:
1. Funding for security
2. Application filtering and layer 7 firewalls
3. Intrusion detection and prevention
4. Incident response planning and training
5. Security policy, usage policy
6. Log collection, management and correlation
7. Physical controls
8. Network controls (who can plug in)
9. Firewalls should not look like Swiss cheese (hint: use IPsec instead)
10. VPN controls and other remote access methods

17 November 20 – 21, 2007, MTCC, Toronto, ON, Canada http://www.sector.ca/

18 INSPIRE Infrastructure Workshop: 4 days of classroom training, demo intensive. AD, Exchange, ISA, Windows Server, SMS, MOM, Virtual Server.
Business Desktop Deployment - Deploying Vista/Office: 3 days of classroom training, hands-on labs (computers provided). Business Desktop Deployment concepts, tools, processes, etc.; Vista and Office.
Securing Internet Information Services / Securing Active Directory / Securing Exchange 2003: 1 day of classroom training per topic.
TRAINING BY EXPERTS FOR EXPERTS

19 Brian Bourne, President - brian@cms.ca
Robert Buren, VP Business Development - robert@cms.ca
CMS Consulting Inc. - http://www.cms.ca/
CMS Training - http://www.cms.ca/training/
Toronto Area Security Klatch - http://www.task.to/

20 Thank You!
Visit: CMS Consulting at http://www.cms.ca
Join: Toronto Area Security Klatch at http://www.task.to
Register: Security Education in Toronto at http://www.sector.ca
CMS Consulting Inc.

