Musings of a PC

Thoughts about Windows, TV and technology in general

Getting Secure: Applying Security Guidance and Tools to Your Environment

Presented by Steve Riley and Jesper Johansson, this five-hour pre-con went very quickly, a good sign that it wasn’t at all boring! They started by going through some core tools that can be used for ensuring that your systems are up to date and deploying fixes to ensure that they stay there.

They then went through some of the comprehensive guides that are available from Microsoft. I won’t go through the list of tools or guides as the slide deck should be available from www.steveriley.ms in a few days’ time.

These guys certainly know their stuff but I’m not sure that I agreed with all of their proposals. For example, they suggested that using account lockout in any shape or form was a bad idea as it could be used to mount a denial of service attack, causing accounts to get locked out. That may be true but if you haven’t got a good proactive system monitoring process in place, you aren’t going to catch the audit events showing you that someone is failing to authenticate and, worse, has succeeded. By using account lockout to lock an account even for one minute, you can slow that brute-force attack down.

I’ve got a couple of to-dos out of this session and a ton of reading to do. If the rest of Tech-Ed is like this, I’m going to be very busy at the end of it!

 
