Musings of a PC

Thoughts about Windows, TV and technology in general

Getting Secure: Applying Security Guidance and Tools to Your Environment

Presented by Steve Riley and Jesper Johansson, this five-hour pre-con went very quickly, a good sign that it wasn’t at all boring! They started by going through some core tools that can be used for ensuring that your systems are up to date and deploying fixes to ensure that they stay there.

They then went through some of the comprehensive guides that are available from Microsoft. I won’t go through the list of tools or guides as the slide deck should be available from in a few days’ time.

These guys certainly know their stuff but I’m not sure that I agreed with all of their proposals. For example, they suggested that using account lockout in any shape or form was a bad idea as it could be used to mount a denial-of-service attack, causing accounts to get locked out. That may be true, but if you haven’t got a good proactive system monitoring process in place, you aren’t going to catch the audit events showing you that someone is failing to authenticate and, worse, has succeeded. By using account lockout to even lock an account for one minute, you can slow that brute-force attack down.

I’ve got a couple of to-dos out of this session and a ton of reading to do. If the rest of Tech-Ed is like this, I’m going to be very busy at the end of it!


