In this packed real training for free ™ session I'll be doing “bounce” dives on 2 very technical areas of Windows that have big security risks, take up a lot of admin/support time and cause lost user productivity:
- Account lockouts
- Securing service accounts
Account Lockouts
A strict account lockout policy is the main defense against online brute force attacks and the weaker your passwords, the stricter your lockout policy needs to be. But the stricter you make your policy the more often a legitimate user locks out their account accidentally. And then there are the inevitable and difficult to track down cases of stale credentials due to all kinds of reasons:
- Drive mappings
- Abandoned logon session
- Scheduled tasks
- Services
- Mobile devices
- VPN connections
There's plenty of other reasons but in this webinar I’ll show you how to track down the source of these account lockouts using the Windows security log and other resources.
Service Accounts
Service and application accounts are a common source of risk findings when I perform security audits of Windows/AD environments. Over and over again I find accounts with stale passwords. Accounts that I can demonstrate haven't had their password changed even though one or more administrators have left or gotten job changes. IT departments are loath to change passwords on these accounts out of fear that something will break.
I will show you how to systematically identify every system where these accounts are being used with the Windows Security Log and also show you a free tool from our sponsor, ManageEngine, that searches out every service on every computer on your network to compile a list of all service accounts and where they are used. Bharathwajan from ManageEngine will also show you how ADAudit+ automates the laborious drudgery of diagnosing account lockouts.