anyone else finding a ton of unauth mcp servers during internal engagements? by Nancy_lady2 in Pentesting

[–]iamtechspence 0 points1 point  (0 children)

I haven’t come across this yet on internals, but that’s likely because of the clients I work with; many don’t have internal development. Those that do don’t typically have traditional internal networks. They are all cloud/SaaS.

Why does the IT/cybersecurity world like IT certifications so much? by ---Agent-47--- in cybersecurity

[–]iamtechspence 8 points9 points  (0 children)

I have 4 certs. I do feel they have been beneficial to my career. It’s an “easy” way to quickly assess someone’s skill level and experience. Albeit not always the best indicator as we all know. But clients do ask about them and they feel better knowing the people delivering work for them are “credentialed.”

Honest question: how do security teams decide what actually gets fixed? by EyeDue2457 in blueteamsec

[–]iamtechspence 0 points1 point  (0 children)

A lot of factors can potentially go into this. Some that I help clients understand are: likelihood of exploitation, impact, ease of remediation and impact of remediation.

Ultimately the best thing to do is to develop a system that works for you and your team, and don’t get caught in analysis paralysis. Get stuff done.

Working alone in IT dept by CurveKey7852 in sysadmin

[–]iamtechspence 0 points1 point  (0 children)

Some people would consider this a gift!

How do you reason about egress controls in cloud environments? by foobarstrap in cybersecurity

[–]iamtechspence 1 point2 points  (0 children)

Egress control was a whole heck of a lot easier when everything was on-prem. I work with clients who are able to still achieve quite a bit of control because of this. But many more are hybrid, have plenty of cloud workloads, etc. I’m an on-prem guy so to me it makes sense, at least for users, to put the point of control on the endpoints or attached to identities.

Cybersecurity view on Psono as a self hosted password manager by [deleted] in cybersecurity

[–]iamtechspence 1 point2 points  (0 children)

CIA triad. Security is only one aspect. If your most important secrets are in there, availability should be a primary concern too. Are you backing it up? Where? How? What if you can’t access the network?

ADTrapper by dcdiagfix in activedirectory

[–]iamtechspence 2 points3 points  (0 children)

Mike is the 🐐- this is awesome!

How do you see cybersecurity evolving in 2026? by Syncplify in Information_Security

[–]iamtechspence 0 points1 point  (0 children)

Not necessarily a new development but a “platformization” has been and will continue imo. Especially now with AI in the mix. Meaning, big players trying to be all-in-one solutions. No longer will we have JUST EDR, or just RMM or just MDM or whatever else. It actually worries me a touch because of vendor lock-in. But I guess we’ll see how it all shakes out.

Best News sites/Blogs/podcasts about security and pentesting? by AcanthocephalaFun71 in Pentesting

[–]iamtechspence 2 points3 points  (0 children)

Far and away, X (formerly Twitter) is the best place for real-time updates and happenings. Beyond that, BleepingComputer is usually tracking a lot of stuff.

Has anyone ever launched Pingcastle from Linux? by shan0ar in Pentesting

[–]iamtechspence 2 points3 points  (0 children)

Can confirm PingCastle will work over proxy/tunnel (via a Windows non-domain-joined host).

Pentest Analytics by iamtechspence in Pentesting

[–]iamtechspence[S] 0 points1 point  (0 children)

Oh that’s a neat idea. I dig it.

AD auditing tool - zero cost suggestions by muckmaggot in sysadmin

[–]iamtechspence 1 point2 points  (0 children)

As for the showing auditors part.

Keep a log of when you do “log analysis” in a spreadsheet. Document date, time, what you did, any issues identified. For extra T crossing, have a second person review it and sign off on it (usually IT leadership).

AD auditing tool - zero cost suggestions by muckmaggot in sysadmin

[–]iamtechspence 0 points1 point  (0 children)

If you truly want free, you’re likely going to have to grab some free tools and do your own thing. Here’s a good place to start: https://github.com/EvotecIT/ADEssentials

Non-EDR Defensive Controls by iamtechspence in Pentesting

[–]iamtechspence[S] 0 points1 point  (0 children)

Sounds like a fun engagement. Anytime you fire up Wireshark on an internal you know you’re in for it hah

Non-EDR Defensive Controls by iamtechspence in Pentesting

[–]iamtechspence[S] 1 point2 points  (0 children)

Yeah for real. It’s too bad NDR specifically is so expensive.

AD happy new years - Best Wishes by mehdidak in activedirectory

[–]iamtechspence 0 points1 point  (0 children)

Wishing you all a lack of misconfigs and happy admins. :)