Securing your Windows servers and Windows 10 running is vital, especially given today’s sophisticated threat landscape. These are usually the first machines to be compromised in an attack through exploitation of the weakest link in the chain — the user. Through trickery and social engineering, threat actors gain access to these machines and then seek to move laterally and elevate their privileges.
There are many software deployment tools to deliver software and updates to your endpoints, but just because you have a lot of options doesn’t mean it has to be confusing. You might pick one software deployment tool to do it all, or you might pick several automated software deployment tools depending on your needs.
The majority (66%) of companies today have started some transition or co-management to the cloud. The goal is to digitally transform the enterprises of the companies. While the basic network concepts may be similar, the cloud is a different beast. It uses different protocols and management tools. There is also a host of new acronyms to learn.
The Oracle Java license change has become a hot topic amongst information technology professionals. As of January 2019, administrators who install Java 8 U 202 and later are only able to get security updates when they purchase support for each desktop. Furthermore, Java 11 and above is only available from Oracle under a commercial support agreement. The Java Oracle license change has raised concerns because support costs are expected to rise.
When it comes to deploying scripts for Intune admins, there is only one script method available: Intune PowerShell Scripts. PowerShell can be a powerful format, but you likely have existing scripts you want to leverage with your domain-joined and non-domain-joined machines. Intune script capabilities don’t enable you to deploy VBscripts, batch scripts, or JavaScript scripts. The screenshot below shows the full complement of options available for script deployment using MEM (Intune).
AppLocker is an application control feature found in enterprise editions of Windows. The tool enables you to manage which applications and files users can run. Windows AppLocker aims to limit software access and related data from specific users and business groups. The results of which is heightened security reduced administrative overhead and fewer helpdesk calls.
The local Windows administrator account is a coveted target for hackers and malware. There are potentially a lot of bad things that can happen if a hacker can crack the local admin account of one of your servers. Dreadful things usually occur when someone downloads a malicious malware strain using the administrator account as well. The magnitude of these problems is amplified even more if you use the default administrator account for every similar machine uses the same password.
Despite the increased sophistication employed by hackers for both external and internal attacks, around 80% of all reported breaches continue to exploit known, configuration-based vulnerabilities. Server or system hardening is, quite simply, essential in order to prevent a data breach.
As data breaches continue to increase in severity and scale, more than ever organizations need to ensure they have the basic security controls in place to keep their data safe from attack. In response to today’s growing threat landscape, the SANS Institute, together with the Center for Internet Security (CIS) have developed the 20 CIS Controls (CSC) to give organizations clarity on what really needs to be focused on in terms of security best practices.
In recent years, with the rapid rise of cloud computing, the virtualization of applications and infrastructure has been replacing traditional in-house deployments of applications and services. It’s currently more cost-effective for organizations to rent hardware resources from companies like Microsoft, Amazon, and Google and spin up virtual instances of servers with the exact hardware profiles required to run their services.
