• 21 Sep 2017

    Fortune Cookies Don’t Lie: Office 365 Cloud Security Is in Your Future

    The meal is finished, so your waiter brings the check and a handful of fortune cookies. One by one, you and your friends go around the table reading them. “‘You cannot stop the waves, but you can learn to surf.’ Well, that’s profound.” “‘The love of your life will appear in front of you unexpectedly.’ Huh. I never could have guessed that.” “‘A great...
    • 21 Sep 2017

    Improving Active Directory Security with Blue Team defense services

    A few weeks ago, Bryan Patton wrote about using Microsoft's Enhanced Security Admin Environment (ESAE) to improve your Active Directory security . Whether you make the decision to migrate to an ESAE environment, to an "Orange Forest", or to harden your existing environment, Quest can help you identify and remediate existing gaps as well as provide proactive management to prevent future gaps from developing...
    • 20 Sep 2017

    Nail Your Security Audits and Assessments – Enterprise Reporter Suite

    “Call and let me know how much fun you’re having,” I told my cousin when she went off to college a few weeks ago. “As if,” she said. “What’s the big deal?” I said. “Spend five minutes and tell me how much fun you’re having.” “I’d rather spend those five minutes having fun than reporting on it. You’re on my finsta ; that’s all...
    • 20 Sep 2017

    When $#!% hits the fan, what’s your Azure AD recovery plan? Find out at Microsoft Ignite!

    Identity is the new control plane, which means that being able to back up and recover both your on-premises Active Directory and Azure Active Directory (AD) is critical. But most customers I work with don’t know how to respond if sensitive objects are accidentally or maliciously deleted from Azure AD. See, if you use Microsoft Azure AD or Office 365 , it is important to understand the differences between the on...
    • 19 Sep 2017

    How to protect against AD security breaches and insider threats? Find out at Microsoft Ignite!

    Remember Hank the Hacker ? Hank is a fictional character we created for a recent webcast series around Active Directory security best practices. Hank represents hackers that appear in many shapes and sizes and who love to exploit the security limitations of AD, Azure AD and Office 365 . Hank the Hacker will send cyberattacks on your email, he’ll block login access with ransomware, he’ll use pass-the-hash techniques...
    • 18 Sep 2017

    Detecting Active Directory breaches: How to Focus on the Needles and Not the Haystacks

    One thing is for certain – security has never been so scrutinized and publicized as it has these last few years. IT security spending is the highest it has ever been and yet cyberattacks, and the stolen company and customer data that follows, continues to dominate headlines. Just this month as many as 143 million customers were affected by the breach at credit reporting agency Equifax. The worldwide economic impact...
    • 13 Sep 2017

    Shirt me at Microsoft Ignite

    Humans, by nature, are obsessed with free things. This is one of the main reasons I avoid Costco during peak sample hours. And the only thing better than free things – are cool free things. That’s why I’m personally pumped about our daily giveaways and raffle prizes happening in booth 717 at Microsoft Ignite . So, whatcha got? First, we’re giving away #STOPHANK t-shirts and some other cools...
    • 12 Sep 2017

    How Microsoft Red Forest improves Active Directory Security

    In the early days of Active Directory , a decision had to be made as to whether you were going to do an in-place upgrade of your existing Windows NT 4.0 environment, or if you were going to do a “greenfield” migration. Some organizations had multiple domains and did a combination of both. As Active Directory (AD) grew in popularity, there were less greenfield migrations and more AD forest-level consolidations...
    • 12 Sep 2017

    Quest is back at Ignite – 3 reasons you should get excited

    We interrupt this blog to bring you this message: Our thoughts and well wishes go out to to all those who were impacted by Hurricane Harvey and Hurricane Irma. Recovery from these catastrophic disasters won’t be quick and many will need our help to get back on their feet. Please check out the Texas Emergency Preparedness site or the Irma Relief Fund to discover ways you can play a role in helping those impacted...
    • 31 Aug 2017

    GDPR Compliance Requirements and Implications for US Companies

    GDPR - General Data Protection Regulation – Photo Courtesy: Descrier I thought I would dedicate this blog to one topic that keeps coming up: “As a US business or government organisation, does GDPR affect me?” However, even if you are not based in the United States, I encourage you to continue reading, as the same challenges, restrictions, enforcements and opportunities still apply around the world...
    • 30 Aug 2017

    Quest product mapping to NIST Cybersecurity Framework and DFS Cybersecurity regulation

    In reviewing the DFS Cybersecurity regulation Section 500.02, I immediately began thinking of the NIST Framework. Section B has several subsections that map to NIST: Identify Risks Identify Defensive Infrastructure Protect Detect Cybersecurity Events Detect Respond to Events Respond Recover from Events Recovery While Quest does not offer tools that are going to help across...
    • 28 Aug 2017

    Cybersecurity: Can we play in your backyard? Maybe not

    Nearly everyone is somewhat concerned about cybersecurity, but some U.S. states are getting serious by passing new laws and regulations. While Europe is beginning to deal with the General Data Protection Regulation (GDPR) , New York a...
    • 28 Aug 2017

    Features vs. Risks of the Office 365 cloud platform

    Years ago, I was an IT consultant specializing in an industry well known for the sensitivity of its documents and communications. One these companies, which had gone to great lengths to control any potential data leakage, tasked me with auditing their IT security. During the course of the audit, we quickly found a weak point: Documents on their newly deployed Windows Terminal Services servers could be simply copied...
    • 23 Aug 2017

    Migrate like a champ with Migrator for Notes to Exchange!

    Migrator for Notes to Exchange uses MAPI connections to Exchange and Office 365 targets. For those customers that are new to Exchange, MAPI is the same type of connection used by the Outlook client to natively to connect to Exchange. Using MAPI connections provides many benefits for your migration, including enhanced data fidelity and performance. For those customers migrating to Office 365, using a MAPI connection is...
    • 17 Aug 2017

    Combat GDPR with Quest's Microsoft Platform Management Tools

    As we become ever more reliant on technology we are seeing more and more threats to our data. These threats are not only coming from the “bad guys” out there knows as hackers like Hank . They can also come from malicious employee who feel hard done by and want to get their own back. The negligent new IT admin making changes to their Active Directory without thinking of the repercussions to the business, followed...
    • 4 Aug 2017

    Simplify Healthcare M&A with Automated AD and Exchange Tools

    Simplify your healthcare mergers and acquisitions with secure and automated tools for Active Directory and Exchange consolidations.
    • 1 Aug 2017

    Healthcare Mergers and Acquisitions: A Prescription to Improve Security Before Migration

    Several forces are combining to create a historic period of consolidation in the healthcare industry. Increased competition, a shift to outcomes-based reimbursement models, and an overall need to widen the scope of care while reducing costs are driving more and bigger M&A deals. In fact, according to Thomson Reuters, healthcare M&A deals totaled US$672.9 billion during 2015, which was a 71% increase from 2014...
    • 24 Jul 2017

    How to fight back against ransomware

    DisasterRecoveryLady here; did you miss me? The year’s only half over, and we’ve already seen a ton of ransomware and viruses being spread through email. What’s worse, the attacks keep getting more sophisticated! For example, the Verge reported in May that Google Docs users were targeted in a phishing scheme that sends them an email invitation from someone they may know. Clicking on the link takes them...
    • 20 Jul 2017

    Bungled access control spills data on 200 million Americans. Maybe you?

    Once again, let’s all learn the lesson about improper access control being at the root of yet another information leak, shall we? As reported by the BBC and many others, the personal data of 200 million U.S. citizens was accidentally exposed online due to an improperly configured security setting. Here’s my favorite comment/quote from the story: "Since this event has come to our attention, we...
    • 19 Jul 2017

    Three Reasons I’m Inspired by Microsoft Inspire

    What a week! More than 17,000 attendees packed a convention center in Washington D.C. to hear Microsoft’s latest direction and connect with partners and ISVs from around the globe. Microsoft wasted no time getting down to business and delivered a week full of new initiatives and reinforced strategic direction for partners to execute. I walked away convinced Microsoft has the right vision to help customers –...
    • 18 Jul 2017

    Advantages of an Active Directory Auditing Agents

    Understanding the architecture of a product is vital for a customer in deciding if it is a good fit for their organization. Over the years, we've seen debates on whether agent-based or agent-less solutions are a better fit for organizations. A decision needs to be made whether or not the benefits of an agent merit its use. In my 15+ year tenure at Quest, we have released both agent-based and agent-less Active Directory...
    • 17 Jul 2017

    Windows Permissions and Security – Four Kinds of Dull Tasks We’ve Automated for You

    “It's easier to ask forgiveness than it is to get permission.” Maybe Rear Admiral Grace Hopper was first to say that , and maybe she wasn’t. She certainly knew a thing or two about permission . I think that if she’d known what network administrators go through, she’d have said that almost anything is easier than managing Windows permissions across an entire IT environment. In my previous...
    • 14 Jul 2017

    WWE Data Leak Lesson - Tighten Data Security or Face the Sweet Chin Music

    Data leaks and security breaches can happen to anyone, at any time. You never know when some jabroni is hiding under the wrestling ring with a steel chair, ready to attack and steal your data! The most recent example is the July 6 story from Forbes.com citing the massive WWE data leak, exposing 3 million global wrestling fans’ personal information, including home addresses, educational background, earnings and ethnicity...
    • 14 Jul 2017

    Windows Permissions and Access Control – Stick Shift or Automatic?

    If managing Windows permissions is like driving a car, would you rather have a stick shift or an automatic transmission? A stick shift is cool, and it makes you feel like a teenager again. Kind of like the Microsoft security tools you get inside Windows. “Looks like the guys in Finance are having trouble with inherited permissions,” you tell your colleagues importantly. “I’ll run subinacl on...
    • 14 Jul 2017

    GDPR Compliance FAQ

    Thank you to everyone who joined the June 22 webcast, GDPR Compliance Planning for Microsoft Environments . Microsoft MVP Greg Schulz and Quest principal technology strategist Colin Truran led a great, interactive session where they discussed: Why GDPR and other regulations impact your environment How to assess and identify compliance risks How to discover who has access to sensitive resources Why real-time...