Compass Security Blog

Offensive Defense

Security Best Practices for On-Premise Environments

Due to recent developments we figured it would be great to contribute a cheat sheet and create security best-practices on how to tie down a Microsoft on-prem environment. Our work mostly relies on MS recommendations. However, we put some effort to really condense it to the essence. We hope to see this applied everywhere and thus open-sourced everything in our GitHub repository.

The year 2021 started off with many stories about breached data being made public [1], critical infrastructures being hacked [2] and zero-day vulnerabilities leaving hundreds of thousands of companies worldwide exposed to cyber attacks [3]. Cyber attacks and ransomware are becoming worse and more frequent every year. New ways to infiltrate organisations are identified regularly and for many smaller sized companies, a single attack or data breach can be fatal, putting the company out of business.

Where larger companies with bigger IT budgets and higher degree of automation have less problems dealing with new threats while simultaneously investing in new proactive security measures, small and medium sized businesses often only have the resources to react to actual threats and incidents instead of investing in prevention.

Manuals and product documentation are usually long and complex and reports of performed penetration tests and security assessments often come with a long list of issues to be fixed. This also pose further challenges.

So as part of my research project, I decided to compile a guide to help understand the most important points of securing Windows networks.

Photo by Gabriel Kiener on Unsplash

The guide was published in Compass Security’s public GitHub repository: https://github.com/CompassSecurity/OnPremSecurityBestPractices

If there is some content you would like to add, please feel free to submit a pull request.

In addition, a cheat sheet was created which lists some of the most frequent security issues identified in our penetration tests and possible mitigations.

You can find the Cheat Sheet here:
https://github.com/CompassSecurity/OnPremSecurityBestPractices/blob/main/internal_network_security_cheat_sheet.pdf

Facts and findings will be discussed (in English) during our next “Beer Talk” on June 24th 5pm CEST. Sign-up with our mailing list to get invited for the “Beer Talk” live stream.

References:
[1] https://www.businessinsider.com/stolen-data-of-533-million-facebook-users-leaked-online-2021-4
[2] https://www.nytimes.com/2021/02/08/us/oldsmar-florida-water-supply-hack.html
[3] https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/

4 Comments

  1. Frederik

    Hi,

    Great, looking foward to the beertalk.

    The github repo 404s unforunately.

    Cheers

    • Ville Koch

      Hi Frederik,

      the repo should be now set to public, sorry for that! ;-)

      Cheers
      Ville

  2. Christian Folini

    What castle is that, if I may ask?

    • Ville Koch

      Hi Christian :-)

      This is the Beaumaris Castle in Wales.
      I chose this because I read somewhere that it was one of the hardest to capture in history and I thought this would fit my goal of the guide ;-)

      Best regards,
      Ville

Leave a Reply

Your email address will not be published. Required fields are marked *