We’ve all probably heard the old axiom that a chain is only as strong as its weakest link. In the context of cybersecurity, in many IT environments the weakest link is the workstations that administrators with privileged accounts use to connect to critical infrastructure and applications. If these management workstations aren’t properly secured, high privilege user credentials can be stolen, and those stolen credentials will be used to compromise more infrastructure, applications and data.

One of the most common questions I get from security professionals who are trying to mitigate credential theft and reuse attacks is how to create a management workstation that secures privileged accounts?

I’d like to highlight some excellent new guidance that colleagues of mine in Microsoft’s new Enterprise Cybersecurity Group recently contributed to:

This new guidance was the result of a collaboration of folks from across Microsoft including contributions from the Enterprise Cybersecurity Group, our internal Microsoft IT security teams, the Microsoft Azure security team, as well as consultants in Microsoft Consulting Services and Premier Field Engineers that deliver these solutions every day, and many others across the company.

While they are pretty busy helping customers defend against cyberattacks, the authors are interested in hearing suggestions on how to improve this guidance. Please send feedback to CyberDocFeedback@microsoft.com.

Tim Rains
Chief Security Advisor
Enterprise Cybersecurity Group