Group policy is super-powerful but like any super-power it can be used for good or evil. There are hundreds of security-related settings in group policy and at least seven different ways to tweak how group policy is applied by overriding the normal waterfall flow of settings (see the list below). Any inadvertent or malicious change can bring your organization to its knees.
But whether you have 10 systems or 100,000 you can't afford to avoid using Group Policy either – for the very same reasons. Group Policy is key to efficiently managing and ensuring consistent security posture.
In this real training for free ™ event I will identify a host of different ways group policy can go wrong but I will also show you controls you can implement to prevent such problems or at least detect when they occur.
Here's some of the risks we'll discuss
- GPO link enforcement
- OU level inheritance blocking
- GPO link priority
- GPO Permissions
- GPO WMI filters
- Settings level additive vs. non-additive
- Settings level disable vs. Not Configured
- No notification of unauthorized changes
- No roll-back procedure
- Failure to place computers in the correct OU
- Failure to place computers in the correct group
- No testing
- Change and version control
- Persistent attackers using group policy to lower your shields from within
And then I’ll show you what's available natively to control and address these risks:
- GPO permissions
- Windows Auditing and the Security Log
- Export/Import of GPOs
- Group Policy Results wizard
- Manual processes and workflow
Of course, like all native functionality there are limitations to the solutions I show you. That's where our best sponsor, Dell Software, comes in. Bryan Patton will briefly show you how Dell Software has a solution that can give you enterprise control over group policy to help you exploit its power while managing the risk.
You will find this to be a technical and practical education session.