Figure 4-3: Short-term goal plan  The figure shows four separate areas:  1

121 
CHAPTER 4 | Security and identity 
Following on from that, you should begin to focus on implementing time-bound privileges; that is, a 
user can request privileges that will expire after a predefined period of time. This means that there 
does not need to be actual administrators, as such, because the users can request the access they 
need, be approved, and perform the necessary tasks. This concept is based on Microsoft Identity 
Manager and functions provided by JEA. 
You also should implement multifactor authentication for privileged access to further mitigate attacks 
on the systems. You can do this by using token-based security or call-back or smart cards. Next, you 
can begin to implement JEA. JEA is simple in principle because it specifies that you grant the very 
minimal amount of privileges to an account that are needed to perform the given function. We will 
talk about JEA in more detail later in this chapter. 
Further securing domain controllers is the next step, and you will finish by implementing threat 
detection via Advanced Threat Analytics (ATA). ATA provides the ability to detect abnormal behavior 
in your systems and make you aware of them quickly. It does this by profiling your user’s behavior 
and establishing what that user’s normal patterns are. If the user does something outside this normal 
pattern, ATA will alert you. ATA is far more advanced than this simple explanation implies. To learn 
more about it, go to 
http://aka.ms/ata
. 
Figure 4-4 presents an illustrated overview of the medium-term plan. 

Download 13,37 Mb.

Do'stlaringiz bilan baham: