Microsoft Defender for Identity Recommended Actions: Protect and manage local admin passwords with M
Image Source: Shutterstock.com
Security
Aug 23, 2023 12:00 PM

Microsoft Defender for Identity Recommended Actions: Protect and manage local admin passwords with M

by HubSite 365 about Raymond Roethof [MVP] (Microsoft Security Blog)

Microsoft Security MVP

Pro UserSecurityLearning Selection

Microsoft Secure Score helps organizations get insights into security posture based on security-related measurements.

Microsoft Defender for Identity provides a Secure Score system that helps organizations gain insights into their security posture. It comes with fourteen recommended actions aimed at helping businesses enhance their security measures. An integral part of this package is the feature to "Protect and manage local admin passwords with Microsoft LAPS". This system includes various actions such as resolving insecure domain configurations, protecting local admin passwords, VPN integration, and many more.

  • Resolve unsecure domain configurations

  • Resolve unsecure account attributes

  • Remove dormant accounts from sensitive groups

  • Protect and manage local admin passwords with Microsoft LAPS

  • Configure VPN integration

  • Reduce lateral movement path risk to sensitive entities

  • Stop clear text credentials exposure

  • Disable Print spooler service on domain controllers

  • Stop legacy protocols communication

  • Stop weak cipher usage

  • Remove unsecure SID history attributes from entities

  • Modify unsecure Kerberos delegations to prevent impersonation

  • Install Defender for Identity Sensor on all Domain Controllers

  • Set a honeytoken account

While some of these actions are straightforward, others require comprehensive planning, auditing and certain levels of expertise. Additionally, Microsoft has updated the list with six new recommendations, with plans to discuss these new entries in future blog posts.

Understanding Microsoft's Protective Measures

Microsoft's Secure Score system is a proactive approach to maintaining security within an organization. One of the primary recommendations is the protection and management of local admin passwords via Microsoft LAPS. Microsoft LAPS refers to the Windows Local Administrator Password Solution, an enhanced and efficient feature to upgrade the level of protection in any organization.

 

Read the full article Microsoft Defender for Identity Recommended Actions: Protect and manage local admin passwords with M

Learn about Microsoft Defender for Identity Recommended Actions: Protect and manage local admin passwords with M

Microsoft Defender for Identity offers fourteen recommended actions to improve an organization's security posture. The fourth recommended action is to "Protect and Manage Local Admin Passwords with Microsoft LAPS". This recommendation involves using Microsoft's Local Administrator Password Solution, which is a new and improved version of their previous solution. It requires the use of a password vault to securely store and manage local administrator passwords. This will help protect against malicious actors gaining access to the local administrator accounts. Additionally, it will help organizations keep track of their local admin passwords, ensuring that they are changed on a regular basis. Furthermore, Microsoft recommends using multi-factor authentication to further protect local admin accounts. Finally, organizations should ensure that all local admin accounts have the same password across their entire environment, and that the passwords are not shared. Following these recommendations will help ensure that organizations' local admin accounts remain secure and protected.

More links on about Microsoft Defender for Identity Recommended Actions: Protect and manage local admin passwords with M

Secure Score - Microsoft Community Hub
The following Microsoft Defender for Identity recommendations will be added as Microsoft Secure S. Score improvement actions: Remove the attribute 'password ...
Security assessment: Microsoft LAPS usage
Feb 5, 2023 — This article provides an overview of Microsoft Defender for Identity's Microsoft LAPS usage identity security posture assessment report.
What is Microsoft Defender for Identity? - ...
Jun 11, 2023 — Defender for Identity security reports help you identify users and devices that authenticate using clear-text passwords and provide extra ...
Microsoft Defender for Identity frequently asked questions
Provides a list of frequently asked questions about Microsoft Defender for Identity and the associated answers.
Manage action accounts - Microsoft Defender for Identity
Feb 5, 2023 — Learn how to manage action accounts to work with Microsoft Defender for Identity.
Microsoft Defender for Identity Directory Service account ...
Jul 5, 2023 — Learn how to create a Directory Service account (DSA), and configure it to work with Microsoft Defender for Identity.
Microsoft Defender for Identity monitored activities
Feb 5, 2023 — Microsoft Defender for Identity monitors information generated from your organization's Active Directory, network activities and event ...
How to implement Defender for Identity and configure all ...
Oct 4, 2022 — Defender for Identity monitors the domain controllers by capturing and parsing network traffic and using the Windows events directly from the ...

Keywords

Microsoft LAPS, Local Administrator Password Solution, Secure Score, Unsecure Domain Configurations, Unsecure Account Attributes, Dormant Accounts, VPN Integration, Lateral Movement Path Risk, Clear Text Credentials Exposure, Print Spooler Service, Legacy Protocols, Weak Cipher Usage, SID History Attributes, Kerberos Delegations, Defender for Identity Sensor, Honeytoken Account