Back to the basics: Why having Terminal Services and Remote Desktop Services on the Domain Controller is a very bad idea.

Security is a top concern for organizations of all sizes, and it is critical to ensure that sensitive information and systems are protected against threats. One of the key security risks of combining domain controller roles with terminal server roles is the potential for data breaches. In this post, we will examine the security implications of combining these two roles and why it is best to keep them separate. Increased Attack Surface: Terminal servers are designed to provide remote access to users, which makes them a prime target for attackers. When the domain controller role is added to the terminal server, the attack surface is increased, making it easier for attackers to gain access to sensitive information. This can result in unauthorized access to sensitive data, such as user credentials, security policies, and other confidential information stored on the domain controller. Lack of Segmentation: Domain controllers store and manage sensitive…

Comments Off on Back to the basics: Why having Terminal Services and Remote Desktop Services on the Domain Controller is a very bad idea.

The Breast Cancer / ALS Giveaway Winner Has Been Chosen!

We're so incredibly excited to announce that Julie has won the giveaway for Daytona!  Hang out with Ryan Vargas, the folks from Critical Path Security, Léargas Security, and CHK Racing! Get free merchandise like hats, hero cards & team gear! Personal Meet & Greet Hang out by the pit box/on pit road during the race! Lots of cool stuff! At Critical Path Security, we believe that Breast Cancer Awareness is important because it helps to educate people about the disease and encourages early detection, which can significantly improve treatment outcomes. With early detection, breast cancer can often be successfully treated, and raising awareness can help to reduce the stigma and fear associated with the disease. Breast Cancer Awareness is crucial in the fight against this disease, and everyone can play a role in promoting awareness and supporting those affected by breast cancer. Let no one say that @mohwkfoundation, @criticalpathsec and…

Comments Off on The Breast Cancer / ALS Giveaway Winner Has Been Chosen!

The Importance of External Vulnerability Scans for Your Business

Cybersecurity threats are an ever-present danger for businesses of all sizes. Cyber criminals are constantly developing new techniques to breach systems, steal data, and cause harm. In order to mitigate these risks, it is essential to have robust security measures in place. One such measure is the use of scheduled external vulnerability scans. What is an External Vulnerability Scan? An external vulnerability scan is a process by which a security professional or automated tool analyzes a company's online presence and infrastructure for vulnerabilities. This includes website, public IP addresses, and any other online assets that are publicly accessible. The scan looks for any security weaknesses that could be exploited by an attacker, such as unpatched software, misconfigured systems, or weak passwords. Why is an External Vulnerability Scan Important? One of the key benefits of external vulnerability scans is early detection of vulnerabilities. By identifying potential weaknesses before they are exploited,…

Comments Off on The Importance of External Vulnerability Scans for Your Business

The Importance of Inventory & Control of Software Assets to EMCs

In our last post, we covered Control One, Inventory & Control of Enterprise Assets. In this post, we are covering Control Two, The Importance of Inventory & Control of Software Assets. Besides clicking on a link in an email thereby inviting threat actors into your environment, what is another way to gain access to the data behind the firewalls? Unpatched software! Given today's cybersecurity climate, it is imperative for EMCs (and all organizations) to stay on top of updates, patches, and to perform regular vulnerability scans to test for known problems. When we turn on a computer or other network device, we expect it to power up and perform as it was designed. We want our lives without the worry of losing hundreds of thousands of dollars, maybe even millions, after finding out our entire network has been taken hostage and held for ransom! But that is what is happening…

Comments Off on The Importance of Inventory & Control of Software Assets to EMCs