pthomas

/Peter Thomas

About Peter Thomas

This author has not yet filled in any details.
So far has created 10 blog entries.

Monitoring Windows/AD Authentications and Logon Activity

Microsoft Windows operating systems uses a variety of authentication technologies that allow users access to resources on the network. These authentication protocols include Kerberos, NT LAN Manager (NTLM), Negotiate, Schannel (secure channel) and Digest which are all part of the Windows security architecture.

LT Auditor+ 2013 is able to completely audit all activity associated with Kerberos […]

By |January 14th, 2016|Blog|0 Comments

Inactive Active Directory User Accounts

Active Directory (AD) users’ IDs that have not been used for extended periods of time pose a threat to any organization, as these IDs could be used to gain illegal access to the network.  Most security policies and compliance regulations also mandate that Active Directory user accounts be disabled after a certain period of inactivity. […]

By |January 14th, 2016|Blog|0 Comments

Auditing and Monitoring Active Directory Group Policies

Group Policy is a core component of Active Directory (AD) used to centrally manage an organizations’ security, application, and user settings. Group Policy settings are divided into user and computer sections, and a policy can be configured to be applied based on whether the target is a user or computer object.

An extensive range of functionality […]

By |January 14th, 2016|Blog|0 Comments

Assess and Monitor File/Folder Security Permissions

Access to files and folders is controlled by permissions or Discretionary Access Control Lists (DACLs) assigned to folders and files. In an Active Directory (AD) environment, user access to file and folder resources is governed by DACLs assigned directly or based on memberships to groups that have been granted permissions to these resources.

LT Auditor+ 2013 […]

By |January 14th, 2016|Blog|0 Comments

Detecting High Volume Copy Operations on Windows File Systems with LT Auditor+ 2013

Why Audit High-Volume Copy Operations?
One of the most common methods to extract or steal information is to copy large volumes of critical information from file shares to either flash drives or other USB devices that can be easily removed from the environment. There have been several examples of high-volume data theft. Here are some of […]

By |January 14th, 2016|Blog|0 Comments

Activity Director User Account Lockout Activity

User account lockouts in Active Directory occur for a variety of reasons, and often the challenge is to determine the Windows node and user causing the lockout so as to resolve the issue. Account lockouts can be a frustrating experience for users, a nightmare for network administrators, and a cause for concern for security administrators. […]

By |January 14th, 2016|Blog|0 Comments

Track and Audit Active Directory Access Control Permissions

Access control is used to govern user access to shared resources for security purposes. Active Directory access control is administered at the object level by setting different levels of access, or permissions, to objects. Some of the types of permissions that can be given to any object are:

Full Control – complete access
Write
Read
No Access
Create Child Objects
Delete […]

By |January 14th, 2016|Blog|0 Comments

Track and Audit Active Directory Group Membership

Active Directory (AD) has two types of groups called Security and Distribution. Distribution groups are used for distribution lists in Exchange and cannot be assigned permissions or rights. Security groups are used for assigning permissions and rights and can also be used for distribution lists.

As security groups are used to control access permissions to resources […]

By |January 14th, 2016|Blog|0 Comments

Track and Monitor Active Directory Activity

Active Directory (AD) is a directory service that controls who has access to systems, applications, and data resources across the network. It is therefore very important to get visibility into Active Directory and track activities occurring within it to reduce risks and ensure confidentiality, integrity, and availability of resources.

LT Auditor+ protects your organization from internal […]

By |January 14th, 2016|Blog|0 Comments

PCI DSS Compliance Update Regarding Transfer of Responsibilities to Merchants

The new technology used in credit cards is the chip technology. Cards with chips are known as EMV cards. EMV stands for Europay, MasterCard, Visa. EMV cards come in two flavors – chip and PIN or chip and signature. MasterCard acquired Europay in 2002. EMV cards are in use in Europe since 1992. Unlike the […]

By |December 23rd, 2014|Blog|0 Comments