How to implement tiering method?

Khushboo Kumari 0 Reputation points
2024-01-21T09:03:51.0133333+00:00

Hi, We have red forest implementation for DA, EA and for privileged identity in our old organization. Now we are going to set up a new organization, and as now red forest model is retired. so, we are looking for best approach including best security approaches. I have found we can do tiering. Can you please help us on this how can we implement it? Thanks!

Microsoft Identity Manager
Microsoft Identity Manager
A family of Microsoft products that manage a user's digital identity using identity synchronization, certificate management, and user provisioning.
753 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,875 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Wesley Li 11,010 Reputation points
    2024-01-24T10:22:53.31+00:00

    Hello Sure, I can provide some guidance on implementing a tiered security model in your new organization. The tiered model is a great approach to enhance security and manage access controls effectively.   Here are some key steps to consider:   Identify and Prioritize Risks: The first step is to identify the security risks your organization faces. Once identified, these risks should be prioritized based on their potential impact.   Implement a Security Operating Model: This model governs and oversees security for the entire organization. It utilizes a risk-based approach to identify and prioritize risk mitigation efforts.   Establish a Governance Control Framework: This framework ensures collaboration with the business. An executive committee with a CSO/CISO and senior leadership from across the organization balances the organization’s security risks with the overall costs.   Adopt Microsoft’s Active Directory Tier Administrative Model: This model can improve security by managing access and control between the tiers.   Limit Exposure of Administrative Credentials: Ensure administrative tasks are not performed on hosts used for standard user activities.   Continuous Improvement: Security is not a one-time effort but a continuous process. Regularly review and update your security measures to address new threats and vulnerabilities.   Remember, the implementation of these steps will vary based on your organization’s specific needs and resources. Always consider consulting with a cybersecurity expert or a professional service to ensure the best practices are being followed.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.