Posted in News Security

Windows 10 1803 Group Policy and Security Baseline Template

The latest version of the Windows 10 1803 security templates have been released to the public. These are the new Microsoft recommend guidance for securing Windows in an organisation. These settings are normally tighter than the Out of the Box settings, but are normally acceptable in a workplace environment. Historically these used to be available via the Microsoft Security Management…

Continue Reading...
Security
Posted in Security

Why you should never use a Preshared Key with IPSEC

How secure the way a preshared key saved in Active Directory for authetnication with IPSEC secure?

Continue Reading...
Posted in Best Practice Security Tip

How to stop local administrators from bypassing Group Policy

Before I begin this article might be, for some of you, this will be well know information and it might all seem rather logical. But I continue to see questions being asked on forums as how as a Group Policy administrator can I prevent my users with local admin making a specific change or installing software/drivers on their own computer. The short answer is you…

Continue Reading...
Posted in hotfix News Security

Vulnerability in Group Policy Fixed with MS15-011 & MS15-014

Today Microsoft published hotfix MS15-011 and MS15-014 that addressed a potential issues that could allow an man in the middle attack on computer. This vulnerability affected system that could be compromised by a man in the middle or what I like to call a “Coffee Shop Attack”. The summary is that by interfering with the traffic that is being sent…

Continue Reading...
Posted in News Security

Out Now: Security Compliance Manager v2.5 Beta

Microsoft has just released Security Compliance Manager v2.5 beta https://connect.microsoft.com/site715/program2682 along with a heap of new security baseline for you to use to compare against your environment. In case you are not familiar with SCM then it is a great product from Microsoft that consolidates all the best practice for their software with in-depth explanation for each setting. Notably this…

Continue Reading...
Posted in Tutorials

How to use Group Policy to deny executing, writing and/or reading on removable disks

Removable memory sticks are the back door for data in any organisation. BitLocker to Go can do some way to controlling this vector however you might want to simple close off all access to removable drives for all your users. So if you are running Windows 7 you will be glad to know there are a heap of Windows 7…

Continue Reading...
Posted in TechEd Video

TechEd Video: Security Configurations Simplified with the Microsoft Security Compliance Manager

Speakers: Tom Cloward and Jeff Sigman Source http://channel9.msdn.com/Events/TechEd/NorthAmerica/2011/WSV325

Continue Reading...
Posted in News Security

Out Now: Microsoft Security Compliance Manager v2 CTP

If  you were waiting to get your hand on the CTP of Microsoft Security Compliance Manager v2 after I wet your appetite in my previous blog post.  I am happy to report that it is now avaialbe for download and the instructions to download i can be found at http://blogs.technet.com/b/secguide/archive/2011/03/10/scm-v2-ctp-available-to-download.aspx In case you did miss my previous post about the…

Continue Reading...