Among many others, these are some questions you should ask yourself with your own environment in mind:
► DO YOU HAVE LOADS OF OVERPOWERED ACCOUNTS LIKE DOMAIN ADMINS?
Granting permissions beyond what a role requires creates capabilities outside the authorized scope of work, and every extra Domain Admin is one more set of credentials whose theft compromises the entire domain. Users should hold only the access they actually need for their day-to-day tasks, and highly privileged groups should be kept to a handful of dedicated administrative accounts.
► CAN YOU TRACE BACK ACTIONS TO THE PERSON PERFORMING THEM, THE TIME OF EXECUTION AND THE SOURCE SYSTEM?
Auditing should be an integral part of any IT organization, making it possible to reconstruct what happened, who did it, when and from where. That requires logs that record the acting account, a synchronized timestamp and the originating host, retained long enough to cover the time between a breach and its discovery.
► ARE YOUR WEB APPLICATIONS PUBLISHED SECURELY TOWARDS THE OUTSIDE WORLD?
Making applications accessible to users outside the network is one thing; doing so in a secure manner, with authentication enforced at the edge, TLS on every published endpoint and no management interfaces exposed, is something entirely different.
► DO YOU HAVE USER LIFECYCLE MANAGEMENT IN PLACE FOR USERS LEAVING THE ORGANIZATION OR USERS ATTAINING ANOTHER ROLE WITHIN THE COMPANY?
An inactive account, for example, is still a valid account: an attacker who obtains its credentials can access resources without anyone noticing, because no legitimate owner is left to question the activity. Accounts of leavers should be disabled promptly, and a role change should remove the old permissions rather than only adding new ones.
► ARE PASSWORDS THE ONLY MEANS OF SECURING APPLICATIONS?
Multi-factor authentication guards access to data and applications even when a password has already been stolen. Although it adds a step for end users, it can be made nearly seamless (an authenticator app or hardware token, prompted only for risky or infrequent logins) while adding a significant extra layer of security.
► ARE YOU PROTECTED AGAINST PASS-THE-HASH ATTACKS? DO YOU HAVE A PROPER PASSWORD POLICY IN PLACE?
Without a proper password policy you are exposed to a whole series of attacks, from guessing and spraying to offline cracking. Pass-the-hash is different: it reuses the stored NTLM hash directly, so password length and complexity alone do not stop it. Once an attacker holds local administrator rights on one machine, the hashes of other accounts that logged on there, or a local administrator password shared across the estate, can turn access to one machine into access to many. Limit where privileged credentials are used, and give every machine a unique local administrator password.
► DO YOU MONITOR LOGIN BEHAVIOUR WITHIN YOUR ORGANIZATION? WHERE DO PEOPLE LOG IN FROM? HOW MANY ATTEMPTS DID THEY MAKE?
Many breaches begin with an attacker using a stolen identity rather than a technical exploit: a valid account logging in from an unusual place, at an unusual time, or right after a burst of failed attempts. Tooling that baselines each user's normal login behaviour and flags deviations from it, increasingly with the help of machine learning, lets you spot this before the account is used any further.
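As an added illustration (not part of the original page, and not the tooling it refers to), the following Python script shows the kind of logic such monitoring rests on, without any machine learning: it builds a baseline of where each user normally signs in from, then flags bursts of failed attempts per user and source, a success that directly follows such a burst, and successes from a source never seen for that user. The events, users, addresses and thresholds are constructed for the example.

```python
"""Baseline-and-anomaly check over authentication events (added example)."""
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta

FAILURE_THRESHOLD = 5          # failures per (user, source) inside WINDOW
WINDOW = timedelta(minutes=10)

# Constructed sample data, not taken from a real environment. Each tuple is
# (timestamp, user, source IP, outcome): the minimum you would extract from
# Windows Security events 4624 (success) / 4625 (failure) or an IdP sign-in log.
HISTORY = [
    ("2024-03-04T08:02:10", "alice", "10.1.20.15", "success"),
    ("2024-03-05T08:05:41", "alice", "10.1.20.15", "success"),
    ("2024-03-04T08:40:00", "bob",   "10.1.20.22", "success"),
    ("2024-03-05T08:35:12", "bob",   "10.1.20.22", "success"),
    ("2024-03-05T09:10:00", "carol", "10.1.20.40", "success"),
]

TODAY = [
    ("2024-03-06T07:58:03", "alice", "10.1.20.15", "success"),
    # guessing attempts against bob from an unknown address, ending in a success
    ("2024-03-06T02:10:00", "bob",   "203.0.113.9", "failure"),
    ("2024-03-06T02:10:03", "bob",   "203.0.113.9", "failure"),
    ("2024-03-06T02:10:07", "bob",   "203.0.113.9", "failure"),
    ("2024-03-06T02:10:12", "bob",   "203.0.113.9", "failure"),
    ("2024-03-06T02:10:15", "bob",   "203.0.113.9", "failure"),
    ("2024-03-06T02:11:40", "bob",   "203.0.113.9", "success"),
    ("2024-03-06T08:30:00", "bob",   "10.1.20.22", "success"),
    # carol mistypes once: below threshold and from a known source, no finding
    ("2024-03-06T09:00:00", "carol", "10.1.20.40", "failure"),
    ("2024-03-06T09:00:12", "carol", "10.1.20.40", "success"),
]


@dataclass(frozen=True)
class Finding:
    user: str
    source: str
    kind: str      # "failure_burst", "success_after_burst" or "new_source"
    detail: str


def parse(raw):
    """Turn raw tuples into (datetime, user, ip, outcome), oldest first."""
    events = [(datetime.fromisoformat(t), u, ip, o) for t, u, ip, o in raw]
    return sorted(events, key=lambda e: e[0])


def build_baseline(raw_history):
    """Source addresses each user has previously logged in from successfully."""
    baseline = defaultdict(set)
    for _, user, ip, outcome in parse(raw_history):
        if outcome == "success":
            baseline[user].add(ip)
    return baseline


def analyze(raw_events, baseline):
    """Return findings for failure bursts, post-burst successes and new sources."""
    findings = []
    recent_failures = defaultdict(deque)   # (user, ip) -> failure timestamps in WINDOW
    burst_reported = set()                 # report each (user, ip) burst once
    for ts, user, ip, outcome in parse(raw_events):
        key = (user, ip)
        window = recent_failures[key]
        # drop failures that have fallen out of the sliding window
        while window and ts - window[0] > WINDOW:
            window.popleft()
        if outcome == "failure":
            window.append(ts)
            if len(window) >= FAILURE_THRESHOLD and key not in burst_reported:
                burst_reported.add(key)
                findings.append(Finding(user, ip, "failure_burst",
                                        f"{len(window)} failures within {WINDOW}"))
            continue
        # a success right after a burst is the pattern of a guessed password
        if len(window) >= FAILURE_THRESHOLD:
            findings.append(Finding(user, ip, "success_after_burst",
                                    f"success after {len(window)} recent failures"))
        # a success from a source this user has never used before
        if ip not in baseline.get(user, set()):
            findings.append(Finding(user, ip, "new_source",
                                    "first successful logon from this source"))
    return findings


if __name__ == "__main__":
    for f in analyze(TODAY, build_baseline(HISTORY)):
        print(f"{f.kind:20} {f.user:8} {f.source:15} {f.detail}")
```

Running the script reports three findings, all for bob from 203.0.113.9 (the burst, the success that follows it, and the unknown source); alice and carol produce none. In a real deployment the baseline would be built from weeks of history and keyed on more than the source address (time of day, device, geolocation), which is where the machine-learning models mentioned above come in.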