Out of Denial - A 12-Step Program for Recovering Admins

Explore a 12-step program designed for recovering system administrators in this BSidesLV conference talk. Delve into guiding principles for addressing common IT challenges, starting with an admission statement and dispelling misconceptions. Learn to maintain a comprehensive inventory, maximize free tools, and verify technical configurations. Examine administrative policies, focus on user security, and enhance attack detection capabilities. Develop an incident response process, explore advanced techniques, and stay updated on emerging trends. Discover the importance of planning for new technology implementations and engaging with the IT community through conferences and user groups.

Intro
A twelve-step program is a set of guiding principles (sometimes accepted by members as being 'spiritual principles') outlining a course of action for tackling problems including alcoholism, drug addiction and compulsion
Admission Statement
Dispel Common Misconceptions
Take/Maintain a Complete Inventory
Leverage What You Have (or Free Tools) to the Fullest
Review/Verify Technical Configurations
RSOP to verify AD policies / Compare Windows configurations against MS Security & Compliance Manager
Review Administrative Policies
Users are Almost Always the Weak Link
Ensure Visibility to be Able to Detect an Attack
Define Your IR Process
Advanced Techniques/Strategies
Stay Abreast of Trends & Upcoming Technologies
Have policies and plans for protection for when the business dictates implementation of new technologies
Be Involved and Give Back
Get involved with local/regional conferences and user groups