Expanding our global footprint with Ian Thornton Trump as our first CISO in the UK LEARN MORE >

Services

We’re a selected team of skilled cybersecurity professionals who work as an extension of your IT staff, as well as best-in-class technology to add an additional layer of protection to your organization.

View our Managed Services
Ask About Our Outsourced Cybersecurity Program

Our comprehensive outsourced cybersecurity program leverages advanced technology and expert professionals to enhance your security without the need for in-house capabilities.
 

Learn more

Partners

We collaborate with best in the business to ensure our customers receive the highest levels of care and support. These trusted relationships allow us to better serve and educate our customers.

Regional Partner of the Year Award

Partner of the Year Award

Why Inversion6

With an abundance of solutions and providers, the task of choosing the right option is critical and can sometimes be overwhelming.

industry validation

"Thanks to Inversion6, we now have an established protocol and response procedure whenever incidents are detected. Now, we are able to act immediately to prevent a security event from becoming a larger incident."

Read Full Story

Resources

Our experts are thought leaders in the cybersecurity space. From blogs to publications and webinars, check out these resources to learn more about what’s trending in our industry and how you can stay ahead.

Why Cybersecurity Should Be Driving Your Enterprise Risk Management Strategy

By Christopher Prewitt

Read Article
Latest Inversion6 Press

CISO Craig Burland’s latest byline in Cyber Defense Magazine discusses the importance of accountability in cybersecurity.

View Story
August 26, 2019
By: Inversion6

It’s Time to Be Proactive with IT Security Administration

Is your organization upholding password policy best practices? Here are three you can implement right away to keep your organization and users safe.


All too often, it can be easy for organizations to build a set of identity-based security processes and procedures only to then walk away once the work is done. Sure, you’ll be monitoring things and making adjustments here and there, but the effort is primarily reactionary. There are no forward-thinking or proactive steps taken to ensure those processes and procedures are followed consistently and evaluated on an ongoing basis.

One reason is the misperception that there is a lack of ROI on cybersecurity measures. According to cybersecurity expert Troy Hunt, the potential fines for cybersecurity failures — such as those under GDPR — should be more than enough to justify the investment. Despite this, companies are sticking with old (even decades-old) security systems — putting their businesses, employees, and customers at significant and prolonged risk of a breach

However, strong IT security administration doesn’t have to come with a heavy price tag. There are a number of steps and best practices you can follow with your existing systems to ensure your employees’ and customers’ data remains safe. Much of it rests with a role that your IT and information security teams already have as well: your administrators.

1. Administer Your Administrators

Take a careful look at your Active Directory (AD) setup. Here, your organization’s users have been assigned appropriate roles with permissions according to what they need access to and what their position does. This critical area of your IT security administration must be reviewed and updated frequently, particularly for midsize to larger organizations where there’s a greater rate of employee turnover and overall role changing (i.e., promotions, transfers, etc.).

This is especially important with administrator accounts. A periodic account and rights cleanup in AD ensures that users have access to what they need — and no longer have access to what they don’t. If you haven’t already, consider coordinating responsibilities and permissions with your HR department to understand what a person should and should not have access to. As roles change, people leave, and new employees are hired, your IT security administration team will have an understanding of what access a person will need and can take action immediately.

For example, a great starting point is a breakdown of three types of accounts: 1) standard, 2) administrator, and 3) domain administrator. The standard account speaks for itself. However, the distinction between an admin and domain admin is critical. Administrators don’t necessarily need full access to your organization’s domain to perform their everyday functions. Giving administrators that level of access means there’s a greater chance of something going wrong. By limiting control to domain administrators only, the risk of something going wrong is reduced.

2. Audit Your Administrators

Just as with the three overall types of AD accounts mentioned above, there are also a number of different administrator and operator account types. These range from domain and enterprise admins to schema and exchange admins. Operator account types include server operators, backup operators, DHCP administrators, and remote desktop users. Clearly, there are a number of different account types with varying degrees of access and authority, which is why it’s critical to conduct periodic audits into who holds what account type.

Consider following what’s called a least-privilege administrative account model, where your administrators and other AD account holders are given only the minimum permissions needed to do their work. Periodically reviewing these accounts will help you understand who has been added, who has been removed, who has access to what, and — most importantly — why. Often, certain users are given permissions because the admin was taking the path of least resistance. Perhaps it was a one-time situation where an employee needed access to a certain group, but the administrator forgot to revoke the access 24 hours later.

In its best practices for securing AD, Microsoft notes that in many instances during AD assessments, the company being audited often had an excessive amount of users with privileges and permissions that they don’t need or that not as many people should need. While the privileges and permissions themselves aren’t an issue, the sheer number of them is what’s problematic. This is particularly true for large organizations, where more and more users can start to gain permissions for their roles for unnecessary reasons. The more users with permissions they don’t need means there’s a greater chance of something going wrong.

And as we all know, one time can be all it takes to bring an organization to its knees.

3. Rotate Administrator Access

Simply auditing your administrator types isn’t going to be enough. Even though these individuals have been entrusted with greater permissions and responsibility, they’re still human and can make mistakes. Consider rotating passwords on different administrator accounts to keep credentials fresh, which provides a double measure of protection in that the administrator’s password is changed frequently (even without his or her knowledge) and cybercriminals wouldn’t be able to use the account if the credentials were leaked.

The use of password vaults makes this process easier and more efficient because the password for a specific administrator can change without his or her knowledge. This allows the administrator to continue on with their daily tasks while important data is being rotated to prevent one credential from remaining stagnant for too long.

Groups also make this approach even more secure and dynamic. For example, setting up an administrator group for your password vault 1) ensures that only specific administrators are able to access it, 2) allows passwords to become more private, 3) allows those passwords to be rotated securely amongst a smaller group, 4) creates more accountability between the members of the group, and 5) ensures the password vault is more secure across the board. The same approach should be considered for Server Admin Access and Workstation Admin Access.

4. MFA Everything

We’ve said it before, and we’ll say it again: multi-factor authentication (MFA) is an absolute necessity for ensuring effective IT security administration across the board. Once you’ve implemented the recommendations above, MFA only adds even more assurance that your AD accounts remain secure by requiring admins — even those with the most permissions and the most power — to verify their identity prior to accessing AD and other secure areas of your organization’s environment.

Need Help With IT Security Administration? You’re Not Alone

Inversion6 helps organizations take a more strategic approach with their information security. From working with leaders to develop stronger security programs to communicating and managing the performance of those programs throughout the organization, our chief information security officers will partner with you to ensure that the highest levels of security are observed and put to use at all times.
 

Post Written By: Inversion6
Inversion6 and our team of CISOs are experts in information security, storage, and networking solutions. We work alongside your team to implement technology solutions that are smart, flexible, and customized to fit your needs.

Related Blog Posts

Let's TALK

Our team of experts in information security, storage, and networking works alongside your team to implement technology solutions that are smart, flexible, and customized to fit your needs. Ready to learn how we can help strengthen your technology environment? Fill out the form below to get started.

TALK TO AN EXPERT