Privileged Access Workstation: Credential Hygiene and PAW

Privileged Access Workstation
Help prevent the compromise of privileged account credentials from cyber-attacks

Overview
Cyber-attacks continue to increase in persistence and sophistication. Attackers use a variety of techniques to steal credentials, constantly seeking administrative access to fully control corporate and government computing environments. Loss of privileged user accounts results in attackers having access to most or all of an organization's electronic documents, presentations, applications, databases, and other intellectual property. Additionally, attackers can implant back doors on any system, which can often evade antimalware and intrusion detection systems. Organizations should seek to protect admin accounts as one of their most valuable assets. The only safe recovery from an admin compromise is building a brand new environment, which can be extremely difficult, slow, and expensive.

Credential Hygiene and PAW
Credential hygiene is the recommended practice for verifying that privileged user accounts only log on to workstations and servers that are sufficiently trusted and are not used to perform high-risk activities such as Internet browsing. This is critical because an administrator who uses a low-trust workstation might unwittingly access attacker-controlled malware that might be used to steal the administrator's credentials.

Privileged Access Workstation (PAW) enforces credential hygiene by separating administrative accounts from normal user accounts (such as those for email and web browsing) and compartmentalizing log-on access for each type of administrative account.

Microsoft Services provides a multi-week engagement to assist you in creating a PAW and supporting Active Directory configurations as described at http://aka.ms/cyberpaw. We provide you a hardened, standardized administrative image, and assistance with deployment to a pilot group of administrators.

Potential Benefits:
• Promotes highly secured and usable workstations to safeguard all types of admin accounts
• Dedicated domain accounts for admins which are restricted to high-trust clients to avoid accidental credential exposure
• Built in a secure lab with known-good media, and easily deployed using Microsoft Deployment Toolkit
• Automated creation of Active Directory structures and policies that harden and help protect the PAWs and admin accounts
• Increased security by preventing vulnerable applications in software from being successfully exploited by attackers
• Can restrict Internet browsing and other high-risk activities of administrative account users

Duration: Starting at 3 weeks
Cost: Starting at 188 hours
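Credential hygiene only holds if a logon of a dedicated admin account on a non-PAW host is noticed. The PowerShell below is an added example, not part of the Microsoft datasheet: it reads Windows successful-logon events (Security event ID 4624) and flags any privileged account used interactively anywhere other than its approved PAW. The account names, PAW hostnames and the sample records are constructed assumptions; in production pipe Get-PrivilegedLogon into Test-CredentialHygiene on a PAW or an event collector.

```powershell
# Added example (not from the Microsoft datasheet): flag privileged-account logons that
# occur anywhere other than a designated PAW. Account and host names are constructed
# placeholders; 4624 is the Windows Security "An account was successfully logged on" event.

# Assumption: these lists come from your tiering model / AD group membership.
$PrivilegedAccounts = @('CORP\da-alice', 'CORP\da-bob')   # dedicated admin accounts
$ApprovedPaws       = @('PAW-ALICE', 'PAW-BOB')            # hardened workstations

function Get-PrivilegedLogon {
    # Pull 4624 events from the Security log and flatten the EventData fields.
    # MachineName is the host that recorded the logon (works for forwarded events too).
    param([int]$MaxEvents = 5000)
    Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624 } -MaxEvents $MaxEvents |
        ForEach-Object {
            $x = [xml]$_.ToXml()
            $d = @{}
            foreach ($n in $x.Event.EventData.Data) { $d[$n.Name] = $n.'#text' }
            [pscustomobject]@{
                Time      = $_.TimeCreated
                Account   = "$($d.TargetDomainName)\$($d.TargetUserName)"
                LogonType = [int]$d.LogonType
                Host      = $_.MachineName
            }
        }
}

function Test-CredentialHygiene {
    # Returns the logons that break hygiene: a privileged account used interactively
    # (type 2), via unlock (7) or via RDP (10) on a host that is not an approved PAW.
    param([Parameter(Mandatory)][object[]]$Logons)
    $Logons | Where-Object {
        $_.LogonType -in 2, 7, 10 -and
        $PrivilegedAccounts -contains $_.Account -and
        $ApprovedPaws -notcontains $_.Host
    }
}

# Constructed sample records so the check runs offline; only the second one is a violation.
$sample = @(
    [pscustomobject]@{ Time = Get-Date; Account = 'CORP\da-alice'; LogonType = 2;  Host = 'PAW-ALICE' }
    [pscustomobject]@{ Time = Get-Date; Account = 'CORP\da-alice'; LogonType = 10; Host = 'WKS-0421'  }
    [pscustomobject]@{ Time = Get-Date; Account = 'CORP\alice';    LogonType = 2;  Host = 'WKS-0421'  }
)
Test-CredentialHygiene -Logons $sample | Format-Table -AutoSize
```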

© 2016 Microsoft Corporation. All rights reserved. This description is for informational purposes only. MICROSOFT MAKES NO WARRANTIES,
EXPRESS OR IMPLIED, IN THIS SUMMARY. Microsoft is either a registered trademark or trademark of the Microsoft group of companies.
PAW Solution Details
Auditing and Monitoring
For attack detection and system health purposes, the solution implements auditing
and monitoring of the PAW using Microsoft Operations Management Suite. The agent
is included in the installation automation to simplify deployment and to enable rapid
data collection.

Advanced Protection Technologies
Administrators log on to dedicated physical workstations that are hardened to improve
their ability to resist remote attacks, local privilege escalation attacks, and physical
compromise. The solution employs hardened configuration policies, Credential Guard
to help protect privileged user credentials, Windows BitLocker Drive Encryption for
system integrity, and the Enhanced Mitigation Experience Toolkit (EMET) for
improved exploit-technique protections.
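A PAW only resists the attacks described above while those protections are actually running, so the image should be verified after deployment rather than assumed. The following PowerShell is an added example, not the solution's own tooling: run elevated on a Windows 10 PAW, it checks that Credential Guard, BitLocker on the system drive, an effective AppLocker policy and Windows Defender real-time protection are in place (EMET has no cmdlet and is not checked here). The Win32_DeviceGuard service codes (1 = Credential Guard, 2 = HVCI) are those documented for that WMI class.

```powershell
# Added example (not from the datasheet): verify that the PAW protections listed above are
# actually active on this workstation. Run in an elevated PowerShell session on the PAW.

function Test-PawPosture {
    $checks = [ordered]@{}

    # Credential Guard: Win32_DeviceGuard lists running VBS services; 1 = Credential Guard, 2 = HVCI
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard
    $checks['CredentialGuardRunning'] = ($dg.SecurityServicesRunning -contains 1)
    # HVCI is the kernel-mode code integrity part of Device Guard (an optional delivery item)
    $checks['HvciRunning'] = ($dg.SecurityServicesRunning -contains 2)

    # BitLocker must be protecting the system drive, not merely encrypted with protectors suspended
    $bl = Get-BitLockerVolume -MountPoint $env:SystemDrive
    $checks['BitLockerProtectionOn'] = ($bl.ProtectionStatus -eq 'On')

    # AppLocker: an effective policy containing at least one rule collection
    $al = Get-AppLockerPolicy -Effective
    $checks['AppLockerPolicyPresent'] = ($null -ne $al -and @($al.RuleCollections).Count -gt 0)

    # Windows Defender real-time protection
    $mp = Get-MpComputerStatus
    $checks['DefenderRealTimeProtection'] = [bool]$mp.RealTimeProtectionEnabled

    [pscustomobject]$checks
}

$result = Test-PawPosture
$result | Format-List
$failed = $result.PSObject.Properties | Where-Object { -not $_.Value } | Select-Object -ExpandProperty Name
if ($failed) { Write-Warning "PAW posture gaps: $($failed -join ', ')" }
```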

Technologies Used in This Solution
• Windows 10, Build 1511 (x64-based processor) or later
• Windows Server 2012 R2 Active Directory Domain Services
• Group Policy-based Security Baselines applied to all systems
• Microsoft Operations Management Suite
• Microsoft Deployment Server 2013 with Update 2
• BitLocker
• Credential Guard
• EMET
• Windows Defender

Solution Delivery and Content
This solution uses extensive automation to provide consistency during the deployment of each PAW, and to configure the customer's Active Directory with the necessary structure and policies to enforce the security controls necessary for modern credential theft mitigation. The base PAW image comes installed with many of the common systems administration tools such as:
• Remote Server Administration Tools (RSAT)
• Sysinternals Suite
• Microsoft Message Analyzer and Network Monitor
• Azure PowerShell modules
• Microsoft System Center consoles

Additional Delivery Options:
• Two-factor authentication for admin accounts using smartcards
• AppLocker for application whitelisting
• Device Guard for user and kernel-mode integrity
• IPsec protected traffic between the PAW and managed systems
• Virtual private networks on client machines
• Use and installation of third-party tools and management consoles
• IT service management

Why Microsoft Services?

Comprehensive Approach
With comprehensive Security and Identity services across strategy and planning,
implementation, and ongoing support, we can help your business implement virtually
seamless, consistent solutions that align with your strategic goals.
Unparalleled Access
With direct access to product development teams, we can make use of our Security
and Identity products’ latest capabilities to create, integrate, and enhance solutions
that can help protect your business and promote innovation.
Highly Skilled Resources
Employed to help protect the world’s largest organizations and on the forefront in the
fight against cybercrime, our diverse group of highly trained technical professionals
can offer you a wealth of security and identity experience.
For more information about Consulting and Support solutions from Microsoft, contact your
Microsoft Services representative or visit www.microsoft.com/services