We are happy to announce the release of Onboarding Accelerator – Securing Lateral Account Movement – Premium.
Coming by popular demand from customers having received the POP-Securing Lateral Account Movement (SLAM) offering, the Onboarding Accelerator – Securing Lateral Account Movement – Premium has now been released. This is a multi-week engagement in which Microsoft Premier Field Engineers support you in increasing your resiliency against critical credential theft attacks by implementing core mitigations into your production environments. Each of the services included in the Premium offering consist of a one week engagement which matures your overall mitigation defense against leveraging lateral account movement as a means of a potentially devastating compromise; together these mitigations result in a defense-in-depth approach. Customers may elect to implement all three services (the Premium offering), any one of the individual services by itself, or any combination of the three.
The Premium service consists of these individual components:
Onboarding Accelerator – Securing Lateral Account Movement – Implementing Local Administrator Password Solution (LAPS) will create unique passwords for local administrator accounts to prevent their credentials from being stolen and reused, as well as enabling auditing for password access.
Onboarding Accelerator – Securing Lateral Account Movement – Implementing Account Restrictions enables secure administrative practices through a process of credential partitioning. Restricting account authentications to a single security tier based on the level of resource trust and value contained within that resource tier.
Onboarding Accelerator – Securing Lateral Account Movement – Implementing Firewall Restrictions enables and deploys local Windows Firewall, configures and tunes these configurations to block all non-trusted inbound traffic to workstations.
We are always listening to Uservoice. Please continue to submit feedback.