By Susan Bradley and Azure Security News
The concept of zero trust is that nothing should be trusted by default. Most of us are trying to work our way to zero trust but are not there yet. Until then, you can take steps to protect your networks better, starting with handling passwords better in your domain. Here are some tips:
Use Microsoft’s LAPS toolkit
By now I hope everyone has deployed Microsoft’s Local Administrator Password Solution (LAPS) toolkit. It should be the starting point for any organization. As the download instructions note:
For anyone moving to non-domain joined machines or cloud virtual machines, the Azure marketplace has several options for deploying a unique local administrator password for Intune-joined machines. The first is LAPS with Intune by Synergix Labs, LAPS for Azure also by Synergix Labs, and Admin Password Manager for Enterprise by GreyCorbel Solutions. Any of these solutions ensure that as you move assets to the cloud, the local administrator password will not be an easy entry point for an attacker.