Security, IT
Jason MIller
EDR Testing and Evaluation is a PITA
General, Security
Jason MIller
If you don’t have IAM(Identity Access ...

IAM (Identity and Access Management) is important because it helps organizations control who has access to their resources, and what actions those users can perform. This is essential for maintaining the security and integrity of sensitive data, and for complying with regulatory requirements. IAM also makes it easier for organizations to manage user access across multiple systems and services, and to quickly revoke access when necessary. Additionally, IAM enables organizations to implement a "least privilege" model, where users only have the permissions they need to do their jobs, which can help prevent accidental or malicious breaches.

If you don’t have IAM(Identity Access Management system) get one!
Culture
Jason MIller
Angry, hurt, and sad

Black lives matter and these are a few of my thoughts

Image credit:[George Floyd’s Death At The Hands Of Police Is A Terrible Echo Of The Past: Code Switch: NPR](https://www.npr.org/2020/05/29/865261916/a-decade-of-watching-black-people-die)

Angry, hurt, and sad
Recaps, General
Jason MIller
2018 A year in review

A 2018 review of my year.

General
Jason MIller
Be wary when traveling

Windows Server

OS X Admin Playing with Windows

Oh Windows, you are thou heartless....No, it really isn't but as a Macadmin who spends most of my time on an OS X boxes mixed in with other Unix/Linux OS, Windows Server can seem strange. Windows Server does have command line options however, they expectation is for Admins to use the GUI to configure services or roles. For those who are interested in the Command Line options take a look at Powershell. This is Microsofts recommendation for interacting with Windows Server via the command line. While on Unix/Linux systems you configure via the terminal. Using the GUI has been a huge shift for me, not to mention just knowing some of the nuisances of Windows Server 2012. Windows have changed and made Server Manager much more powerful than the versions in Windows 2008.

Lucky for me that during the setup of my groups Windows Server, I was simultaneously enrolled in a Windows Server configuration course. The course afforded me an opportunity to gain a better understanding of new features and settings Windows in Server 2012. During the setup, I did have concerns about the setup of the Server. Standard Windows configurations would have admins join a domain, which will apply the necessary settings in order to protect the system. But what do you do if you are not joining it to a domain and letting it be a stand alone server?

Things that I thought about were:

  • Local Security Policy
  • Remote Desktop Services
  • Windows Firewall

Local Security Policy is loaded with different Windows Settings that need to be changed or left alone. The different categories to think of are:

  • Account Policies
  • Local Policies
  • Windows Firewall with Advanced Security
  • Network List Manager Policies
  • Public Key Policies
  • Software Restriction Policies
  • Application Control Policies
  • IP Security Policies on Local Computer
  • Advanced Audit Policy Configuration

I have yet to find a comprehensive list of suggestive settings but Microsoft does have resources on their TechNet site which help administrators with this topic:

These are just a few resources I used in order to help configure a Windows Server, however, there are many other resources. If someone has a list of best practices for setting up a Windows Server it may be worthwhile to create a document for the masses at large. Not all Macadmins touch or deal with Windows Server on a regular basis, however, if it would be good to have a guide to help navigate the Windows Waters. At times, I still feel lost but it is a matter of knowing my limitations and finding the correct resources to help solve my problem.