A typical business network has at least one of them and probably more than the admins want to admit: a legacy server or workstation running an ancient piece of business software that you just can’t wean yourself off. If you are lucky, it’s on a virtual machine that you can move at a moment’s notice.
As Microsoft’s Aaron Margosis notes in his blog, you should ideally retire legacy applications and upgrade to a new, supported, secure application. In reality, organizations keep using legacy systems. Jessica Payne discussed protecting these legacy systems on a Windows network at a recent Microsoft virtual security summit. This is some of the advice she and Margosis offer:
Check log-in credentials
Review whether you log on to that system with domain administrator credentials. Legacy systems often keep hash values of credentials on the system, where they can be easily harvested using widely available credential-harvesting tools such as Mimikatz. Ensure that you do not log in to these systems with high-privileged credentials.
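One way to run this review is sketched below as an added example, not code from the article or from Microsoft. It reads Security-log logon events (event ID 4624) exported from the legacy host as XML and flags privileged accounts whose logon type leaves reusable credentials on that host, which goes a step beyond the text by distinguishing logon types. The `<Events>` wrapper, the account names and the `PRIVILEGED` list are assumptions; the sample events are constructed.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
# Logon types that leave reusable credentials on the host, per Microsoft's
# logon-type guidance; a type 3 (network) logon normally does not.
CRED_LEAVING = {"2": "Interactive", "4": "Batch", "5": "Service",
                "8": "NetworkCleartext", "9": "NewCredentials",
                "10": "RemoteInteractive"}

def risky_logons(events_xml, privileged):
    """Return (time, account, logon type) for every 4624 logon by a privileged
    account whose logon type leaves credentials behind on this host."""
    priv = {p.lower() for p in privileged}
    hits = []
    for ev in ET.fromstring(events_xml).findall("e:Event", NS):
        if ev.findtext("e:System/e:EventID", namespaces=NS) != "4624":
            continue  # only successful-logon events
        data = {d.get("Name"): d.text or ""
                for d in ev.findall("e:EventData/e:Data", NS)}
        user, ltype = data.get("TargetUserName", ""), data.get("LogonType", "")
        if user.lower() in priv and ltype in CRED_LEAVING:
            when = ev.find("e:System/e:TimeCreated", NS).get("SystemTime")
            account = data.get("TargetDomainName", "") + "\\" + user
            hits.append((when, account, CRED_LEAVING[ltype]))
    return hits

def make_event(event_id, when, domain, user, logon_type):
    """Build one constructed event in the Security-log XML layout."""
    fields = {"TargetUserName": user, "TargetDomainName": domain,
              "LogonType": logon_type}
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f'<TimeCreated SystemTime="{when}"/></System>'
            f'<EventData>{data}</EventData></Event>')

# Constructed sample, not real log data.
SAMPLE_EVENTS = "<Events>" + "".join(make_event(*row) for row in [
    ("4624", "2024-05-01T08:00:00Z", "CORP", "da-alice", "10"),
    ("4624", "2024-05-01T08:05:00Z", "CORP", "da-alice", "3"),
    ("4624", "2024-05-01T09:00:00Z", "CORP", "jsmith", "2"),
    ("4634", "2024-05-01T09:30:00Z", "CORP", "da-alice", "10"),
    ("4624", "2024-05-01T10:00:00Z", "CORP", "SVC-Backup", "5"),
]) + "</Events>"
# Assumed list, e.g. the members of Domain Admins plus privileged service accounts.
PRIVILEGED = ["da-alice", "svc-backup"]

if __name__ == "__main__":
    for hit in risky_logons(SAMPLE_EVENTS, PRIVILEGED):
        print(*hit)
```

Any hit means a high-privileged credential was exposed on the legacy host and should be treated as a candidate for a password reset and a change in how that system is administered.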