Increasing cyber security
Implementation of Microsoft ESAE
Since the initial implementation in 2018, the HWS Group has continued to operate the security environment and ensure that it meets the latest threat scenarios. The introduction of Microsoft ESAE has enabled the organisation to build a stable and secure IT environment that can withstand advanced cyber threats. This successful implementation demonstrates the effectiveness of a well-planned security architecture and shows how organisations can ensure long-term protection against advanced cyber attacks.
ESAE IT security project:
at a sporting goods manufacturer from Herzogenaurach
Download USE Case as PDF
Receive this use case as a detailed report so that you can refer back to it at a later date.
HWS Group – Successful AWS migration
Overview: An organisation was confronted with targeted attacks on its privileged accounts. To counter these threats, it decided to implement the Microsoft ESAE framework. The HWS Group analysed the existing security infrastructure and implemented measures such as reinstalling critical servers, securing administrative accounts and setting up privileged workstations. The result: improved protection against advanced threats, reduced risks of lateral movement and enhanced monitoring capabilities. Since implementation, the security architecture remains effective against new threats through continuous updates.
Customer feedback: ‘Whether onsite, offsite or nearshore, the experts from HWS always keep pace with our systems. Cooperative and competent.’
Challenge
The organisation was facing an increasing threat situation, particularly from targeted attacks on administrative accounts with the highest access rights. These accounts were a favoured target of cyber attacks due to their privileges, and the existing security measures proved insufficient to prevent advanced threats. With this in mind, the organisation decided to implement the Microsoft Enhanced Security Administrative Environment (ESAE) framework. The goal was to develop a long-term security strategy that would increase the protection of privileged accounts and resist advanced attacks while keeping the existing IT infrastructure running reliably.
Analyse
The HWS Group carried out a comprehensive analysis of the existing security infrastructure and worked closely with the organisation and Microsoft to develop an optimised access strategy. Plans were made to reinstall and secure critical servers and reorganise the administrative account structure. The use of Microsoft ESAE promised a significant improvement in security for Tier 0 systems and administrative accounts. In addition, the need was identified to revise the group policies (GPOs) for Tier 0 systems and to configure Privileged Access Workstations (PAWs) to create an isolated and secure working environment for administrative tasks. .
Umsetzung
In close cooperation between the HWS Group, Microsoft and the organisation, the Microsoft ESAE environment was successfully implemented. The plan was executed in several phases:
- Reinstallation of critical servers: Domain Controllers, AD FS, AD CS and AAD Connect were reinstalled and secured to create a secure foundation for the IT infrastructure.
- Securing administrative accounts: All level 0 privileged accounts were isolated and protected with additional security measures such as multifactor authentication.
- Redesign of the group policies (GPOs): GPOs were customised to ensure that all systems met the highest security standards.
- Establishment of privileged workstations (PAWs): Dedicated workstations for administrative tasks were set up to minimise the risk of attacks on critical systems.
- Regular security assessments: After implementation, the entire security architecture was continuously reviewed and further optimised.
- Migration of workloads to the cloud: Certain workloads were migrated to Azure and AWS while maintaining high security standards.
Benefits for the customer:
The implementation of Microsoft ESAE brought significant benefits to the organisation:
- Improved protection for administrative accounts: Privileged accounts were successfully isolated and secured with strong security measures, significantly reducing the risk of compromise.
- Reduced risk of lateral movement: The redesigned security architecture prevented lateral movement attacks and reduced the risk of Advanced Persistent Threats (APTs).
- Enhanced monitoring capabilities: New audit logging and monitoring mechanisms enabled the organisation to detect and respond to suspicious activity more quickly.
- Increased security awareness: Training and awareness-raising measures increased the security awareness of employees and promoted compliance with best practices.
Your contact for this project:
Glenn Galea
- Chief Sales Officer -
Download USe Case and save time
Receive this use case as a detailed report conveniently by e-mail so that you can refer to it at a later date.
Simply fill out our contact form.
We handle your data responsibly.
Some examples of satisfied HWS customers:
Would you like to find out more about our User Helpdesk?
You can find more information about the HWS Modern Workplace solutions here:
