In the current world of Information Technology, protective measures do not stop at the network edge. Recent news reports based on security breach post-mortems indicate the need to protect assets using measures that reduce administrative access. While the principle of least privilege has always been known to IT Security professionals, there is a need in the industry for a standardized method of constructing an operator experience that reduces access with a more sophisticated level of granularity than what is available in many traditional access control models.
Just Enough Administration (JEA) is a solution designed to help protect Server systems. This is accomplished by allowing specific users to perform administrative tasks on servers without giving them administrator rights, and then auditing all actions that these users performed. JEA is based on Windows PowerShell constrained runspaces, a technology that is already being used to secure administrative tasks in environments such as Microsoft Exchange Online.”
A few weeks ago Paul Paul Loonen presented a TechNet Live Meeting in Belgium on how to extend your Enterprise Identity to the Cloud, focussing on what Microsoft has to offer. Topics include Active Directory, Windows Azure ACS and Forefront Identity Manager 2010.
Also followed an interesting session on Azure ACS (access control services) by Vittorio Bertocci.
Looking around for ACS, there is quite some interesting stuff out there.
“/../ Most of the updates were focused on supporting the new Windows Azure AppFabric February CTP and the new portal experience for AppFabric Caching, Access Control, and the Service Bus. The specific content that was updated in this release includes:
Hands-on Lab – Using the Access Control Service to Federate with Multiple Business Identity Providers
Hands-on Lab – Introduction to the AppFabric Access Control Service V2
Next Thursday (February 24th, 2011), Paul Loonen will be presenting a TechNet Live Meeting in Belgium on how to extend your Enterprise Identity to the Cloud, focussing on what Microsoft has to offer. Topics include Active Directory, Windows Azure ACS and Forefront Identity Manager 2010.
Register here for the Dutch language session and here for French language session,
To get your copy of the presentation, please check at Paul’s blog after the 24th!