This article is written for any security or infrastructure stakeholder that is planning, implementing or looking into the Microsoft Enhanced Security Administrative Environment (ESAE). In addition, if you are a SME that has been tasked to find out Centrify's role within this security model, this is one starting place.
The first article starts with the basics. This FAQ is for those who don't know what MS ESAE is, and would like to get a quick primer on these recommendations. Please keep in mind that in security, the main reality is evolution, this means many of the topics in this article will change over time as threats and threat agents evolve their tactics around credential theft; change will also be driven as new technologies are implemented to address these risks.
FAQ: Microsoft Enhanced Security Administrative Environment and Centrify - The Basics
- A Windows service configured with a credential is started.
- And many more.
- It's about reducing the attack surface. T all users and workstations.
Unfortunately, organizations struggle with this concept because the security industry has not embraced temporary access in a way that makes it easy to request spot administrative rights in Windows workstations.
We have some capabilities already and are working focused in this area. In the next few articles we'll discuss in-depth.
Centrify's IAM Maturity Model
Windows credential theft is just one of the challenges facing security practitioners. It's well-known that this is one of the tools widely used by threat agents; this is why we preach the implementation of a constantly evolving Identity and Access maturity model depicted here:
The principles outlined in this model are transferable to all platforms and contexts (endpoint, apps, infrastructure) that are susceptible to credential theft. It's called an "identity perimeter" and Centrify is constantly investing in this area.