While every IT manager or administrators knows that a solid Active Directory recovery plan is an essential component of any business continuity strategy, calculating the practical return on investment (ROI) of an optimized AD recovery plan is notoriously tricky. Too many variables are at play to generate a defensible, exact ... Read More

The attacks on Microsoft Exchange servers around the world by Chinese state-sponsored threat group Hafnium are believed to have affected over 21,000 organizations. The impact of these attacks is growing as the four zero-day vulnerabilities are getting picked up by new threat actors. While the world was introduced to these ... Read More

Securing Microsoft Active Directory (AD) involves dealing with a mixed bag of risks, ranging from management mistakes to unpatched vulnerabilities. We often write about the fact that cyber-attackers are targeting AD to elevate privileges and gain persistence in the organization. Investigate a typical data breach, and you’ll find that stolen ... Read More

The latest development in the 2017 NotPetya Attack saga should be a reminder for organizations that it only takes a handful of cybercriminals to take down all of your operations.   Last week, the US Department of Justice announced charges including computer fraud and conspiracy against six hackers of the cybercriminal group known ... Read More

The exponential increase in remote work caused by the COVID-19 crisis has ricocheted across the IT landscape. Within a matter of days, corporate IT faced an unprecedented 180-degree turn in its client networking model. Organizations that treated remote work as a rare exception suddenly found themselves almost entirely remote. According ... Read More

The exponential increase in remote work caused by the COVID-19 crisis has ricocheted across the IT landscape. Within a matter of days, corporate IT faced an unprecedented 180-degree turn in its client networking model. Organizations that treated remote work as a rare exception suddenly found themselves almost entirely remote. According ... Read More

Most organizations have virtualized some or all their AD domain controllers. Virtualized DCs have their advantages, but they also introduce risks that didn’t exist with physical servers. One of these risks is the temptation to use hypervisor snapshots (a point-in-time VM image) for AD backups.   Don’t.  Let’s be clear: even though Microsoft supports hypervisor snapshot restores since Windows Server 2012 – i.e. they won’t break AD as they could in previous OS versions – they’re still not ... Read More

Most organizations have virtualized some or all their AD domain controllers. Virtualized DCs have their advantages, but they also introduce risks that didn’t exist with physical servers. One of these risks is the temptation to use hypervisor snapshots (a point-in-time VM image) for AD backups. Don’t. Let’s be clear: even ... Read More

A colleague here at Semperis recently looped me into a conversation with the manager of a large Active Directory environment running on Windows Server 2008 R2. With end of support for Windows Server 2008 and 2008 R2 coming up soon (officially January 14, 2020), planning is well underway for upgrade ... Read More

Should you upgrade your existing AD forest to Windows Server 2016 Active Directory (aka AD 2016), or should you leave it where it is? Despite the focus and activity around adopting cloud services today, the fact remains that Active Directory continues to underpin it all. In addition to longstanding dominance ... Read More