Security groups either make or break your IT security. Group memberships are responsible for administrative access in your your network and define access to other privileged resources and data on your domain. Ever wondered how a simple misconfiguration of a group membership could lead to a security incident? This blog elaborates the most common misconfiguration or security loopholes that can cause damage to the sensitive data in your network.

Most of you know that one of the most important user experience metrics in a Citrix environment is the logon time. A 2018 survey by eG Innovations and DABCC found out that Citrix logon time was the number one problem for administrators: 59% of respondents rated logon time as their biggest problem. There are many best practices to improve Citrix logon times. Slowness during the logon processing can, of course, increase logon times. Issues with group policies or slow profile loading is often a cause.

Active Directory (AD) is a process service that is used in Microsoft® Windows-based environments. It is responsible for authenticating users when they connect to servers and for authorizing access to different directories, files, and data. AD is also responsible for carrying out security protocols on all connected devices and computers. For example, there is a policy in place where, after three login attempts, a user’s account is locked.

Enterprise Alert is the premier solution for reliable, targeted, and accountable Alerting. At Derdack, we have always aimed to provide the best possible security combined with an easy to use User interface. Part of this UI is the Enterprise Alert mobile App which supports secure 2-factor authentication by integrating with ADFS.

An effective active directory monitoring system is essential to a secure directory design. There is a wide variety of security issues and loopholes that can be identified early if the users on the network are following the active directory monitoring guidelines. The lack of such monitoring can lead to a multitude of security threats which can result in financial and reputational damage along with data loss.

A critical Active Directory vulnerability (CVE-2020-1472) has been making headlines for being the most notorious elevation of privilege bug because it can affect all computers and domain controllers in an organization. This high-risk vulnerability, dubbed Zerologon, gives threat actors easy, instant access to domain controllers without requiring any additional privileges. This attack does not even require a user to be authenticated; the user just needs to be connected to the internal network.

We were recently asked for help by one of our clients that needed to separate a number of users from their existing domain by moving them into their own Active Directory forest. This can happen for all sorts of reasons, including divestments, security, geographical or division separation. Whatever the reason, they needed to move these users across into an entirely new AD domain.

Do you need to integrate a new company in with your existing employer and therefore in to your already provisioned Azure AD tenant. Or perhaps just need to share your tenancy and office 365 services with more than one company, then you could find yourself in a position where you need to sync users from another domain and have already configured AD Connect, well there is a way to add the second domain to your current Azure tenancy, so you can sync those users from the second domain.

Microsoft Active Directory (AD) is the nerve center enabling your federal agency to access the systems and applications staff members need to do their jobs. AD is also a high-risk target for inside and outside threats and can be a gateway for other potential security vulnerabilities. The key to protecting your agency’s AD is to have the right processes in place to maintain its integrity, know whether something is happening that shouldn’t be, and demonstrate compliance if required.