Setting Up Password Policies in Active Directory: A Guide by Critical Path Security

Establishing a Strong Password Policy Protecting your network starts with a robust password policy. With Microsoft Active Directory, you can utilize Group Policy to dictate various password criteria like complexity, duration, and size. Locate the default domain password policy at: Group Policy object (GPO) -> Computer configuration -> Policies -> Windows Settings -> Security Settings -> Account Policies -> Password Policy. Since Windows Server 2008, you can implement detailed policies for specific organizational units through Active Directory Administrative Center (DSAC) or PowerShell. NIST's Password Recommendations The National Institute of Standards and Technology (NIST) provides Digital Identity Guidelines, which emphasize: Password Complexity and Length: Contrary to forcing numerous symbols, NIST suggests promoting lengthy passwords or passphrases, ideally up to 64 characters. Password Duration: Instead of regular password changes, NIST now advises changing passwords only if a security threat is perceived. Avoid Easily Guessable Passwords: Steer clear of simple patterns, default passwords,…

Comments Off on Setting Up Password Policies in Active Directory: A Guide by Critical Path Security

CISO Advisory Services: A Deeper Dive into the Selection Process Using the McKinsey 7-S Framework

At Critical Path Security, we recognize the pivotal role of the Chief Information Security Officer (CISO) in today's businesses. Our CISO advisory services are designed to provide the strategic oversight and cybersecurity expertise that companies require, without the need for a full-time commitment. This service is especially beneficial for organizations that may not have the resources to staff a full-time CISO but understand the importance of cybersecurity leadership. The Vital Role of a CISO In the realm of cybersecurity, a CISO is more than just a role-it's a necessity. This senior-level executive is responsible for shaping and steering an organization's strategy to protect its most valuable digital assets. At Critical Path Security, our focus is on providing a CISO's strategic oversight, including the establishment of cybersecurity policies, management of risk, and ensuring compliance with evolving regulations. Expansive Responsibilities of a CISO Our CISOs at Critical Path Security carry a broad…

0 Comments

Uptick is Phishing from SharePoint and Teams: What you should know. What we’re doing about it.

We hope this message finds you well. We wanted to bring to your attention an emerging security concern that has been affecting a number of Office365 users. There has been a significant uptick in phishing attempts that seem to originate from legitimate SharePoint links and Microsoft Teams chat requests. These deceptive attempts are the result of compromised Office365 accounts. To ensure the security of your data and prevent your employees from falling victim to such scam emails, it's crucial to understand and recognize the warning signs. Here are the clear red flags to watch out for: Unknown File Sharer: If you cannot identify who shared the file with you, it's best to err on the side of caution. Always avoid opening files from unknown or suspicious sources. Vague File Details: If a file is shared without any prior context or an explanation of its content and purpose, consider it a…

Comments Off on Uptick is Phishing from SharePoint and Teams: What you should know. What we’re doing about it.

Critical Path Security and Ryan Vargas to compete in the NASCAR Whelen Euro Series – Circuit Zolder!

🏁 Exciting News! 🌍 At Critical Path Security, we're thrilled to share some exhilarating developments with you. As we expand our services into more areas around the world, we're also gearing up for an incredible racing adventure with NASCAR driver Ryan Vargas. On October 14-15, 2023, we'll be at Circuit Zolder in Belgium, accompanying Ryan Vargas as he immerses himself in two distinct NASCAR cultures. It's all part of our commitment to excellence, whether on the cybersecurity front or the racetrack. In Belgium, Ryan will be taking the wheel of the No. 30 Critical Path Security Chevrolet Camaro, competing in the NASCAR Whelen Euro Series event. This marks the culmination of a groundbreaking collaboration between Team FJ and 3F Racing in the EuroNASCAR PRO division, showcasing his adaptability and talent. This global journey encapsulates the contrast between the precision of European racing and the adrenaline rush of other NASCAR events,…

0 Comments