Technology | Rec. | Notes |
---|---|---|
Multi factor authentication | ||
LAPS | Win | |
Pass-the-hash | Win |
Technology | Rec. | Notes |
---|---|---|
Network | Segment network | Win |
Web Proxies | Block uncategorized sites by default | e.g., w/ Bluecoat |
Technology | Rec. | Notes |
---|---|---|
limit workstation-to-workstation communication | ||
limit egress points | block outbound from servers via local FW |
Technology | Rec. | Notes |
---|---|---|
WEF | Win |
Technology | Rec. | Notes |
---|---|---|
Prevent 3rd party employees (e.g., consultants) from sending email externally via corp. email address |