Microsoft Defender for Identity provides a Secure Score system that helps organizations gain insights into their security posture. It comes with fourteen recommended actions aimed at helping businesses enhance their security measures. An integral part of this package is the feature to "Protect and manage local admin passwords with Microsoft LAPS". This system includes various actions such as resolving insecure domain configurations, protecting local admin passwords, VPN integration, and many more.
Resolve unsecure domain configurations
Resolve unsecure account attributes
Remove dormant accounts from sensitive groups
Protect and manage local admin passwords with Microsoft LAPS
Configure VPN integration
Reduce lateral movement path risk to sensitive entities
Stop clear text credentials exposure
Disable Print spooler service on domain controllers
Stop legacy protocols communication
Stop weak cipher usage
Remove unsecure SID history attributes from entities
Modify unsecure Kerberos delegations to prevent impersonation
Install Defender for Identity Sensor on all Domain Controllers
Set a honeytoken account
While some of these actions are straightforward, others require comprehensive planning, auditing and certain levels of expertise. Additionally, Microsoft has updated the list with six new recommendations, with plans to discuss these new entries in future blog posts.
Microsoft's Secure Score system is a proactive approach to maintaining security within an organization. One of the primary recommendations is the protection and management of local admin passwords via Microsoft LAPS. Microsoft LAPS refers to the Windows Local Administrator Password Solution, an enhanced and efficient feature to upgrade the level of protection in any organization.
Microsoft Defender for Identity offers fourteen recommended actions to improve an organization's security posture. The fourth recommended action is to "Protect and Manage Local Admin Passwords with Microsoft LAPS". This recommendation involves using Microsoft's Local Administrator Password Solution, which is a new and improved version of their previous solution. It requires the use of a password vault to securely store and manage local administrator passwords. This will help protect against malicious actors gaining access to the local administrator accounts. Additionally, it will help organizations keep track of their local admin passwords, ensuring that they are changed on a regular basis. Furthermore, Microsoft recommends using multi-factor authentication to further protect local admin accounts. Finally, organizations should ensure that all local admin accounts have the same password across their entire environment, and that the passwords are not shared. Following these recommendations will help ensure that organizations' local admin accounts remain secure and protected.
Microsoft LAPS, Local Administrator Password Solution, Secure Score, Unsecure Domain Configurations, Unsecure Account Attributes, Dormant Accounts, VPN Integration, Lateral Movement Path Risk, Clear Text Credentials Exposure, Print Spooler Service, Legacy Protocols, Weak Cipher Usage, SID History Attributes, Kerberos Delegations, Defender for Identity Sensor, Honeytoken Account