Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory environment.
- Create a honeypot Administrator account to track attacks
- Ensure the built-in Administrator account is secured
- Monitor activities performed by users that have privileges in Active Directory
- Reduce membership in privileged groups
- Be informed when any privileged group changes membership
- Track changes to service accounts to ensure the highest level of security