Securing Sideways: Thwarting Lateral Movement, with no extra software!
OVERVIEW
“What keeps me up at night? Active Directory (AD) infrastructure without proper segmentation”
What if there were a way to prevent ransomware outbreaks from taking over an entire environment, without any new tooling or licenses? AD tiering offers defenders a chance to contain, if not completely prevent, threat actors escalating privileges to deploy malware.
Identity is the crown jewel of any corporate network. In a traditional network, threat actors compromise high-risk, low-privilege end-users and work their way up to the identity plane to establish control over an environment. With control over the environment, ransomware or other theft can happen easily.
Tiering adds a layer to a defense-in-depth strategy. It splits a domain into three logical boundaries: Tier 0 (identity/management), Tier 1 (non-IT management infrastructure), and Tier 2 (end-users, high-risk endpoints). Identities and devices from Tier 2 cannot access Tier 1 or Tier 0, and Tier 1 cannot log in to Tier 0 devices. Tiering takes its inspiration from the watertight bulkheads of a ship: a compromise in one compartment cannot take out the others. A threat actor breaking into a Tier 2 laptop has no lateral movement pathway to a domain controller or other identity management device; the damage is contained to Tier 2.
Currently available blog posts and documentation focus exclusively on either the technical or the business concerns, and on one specific environment type. This session packages everything together in an easy-to-follow format. In this thirty-minute session, Securing Sideways will introduce the audience to tiering, show how to implement it in an on-prem, hybrid, or cloud environment, and cover the operational and business concerns to address before tiering is implemented.