IT Admins and Security Auditors

by Derek Melber
Sept. 1, 2017 0 comments TechGenix Pen Testing & Audits windows client security

Recently, I was working with a company to perform their annual Windows server and Active Directory audit. This company is not unique to the companies I do work with, rather they epitomize the common issues that arise during an annual audit. I have yet to understand the egotism that IT admins have when it comes to an audit. Where on the other hand I also don’t understand the lack of effort that auditors want to give to completely understanding what they are auditing, nor the breadth they should be auditing. This article is not meant to be anything but an eye opener to both entities, in hopes that each will be more cordial and understanding during the audit, so the organization can become better secured in the event of an attack on the computing environment.