Quest Software, a global systems management, data protection and security software provider, announced new capabilities available within On Demand Audit to support the industry-wide shift to the cloud and ensure Microsoft environments remain secure in the face of growing malware and cyber threats.
Available within the Quest Microsoft Platform Management (MPM) business, On Demand Audit is an Azure-hosted SaaS offering that provides tracking and alerting on all configuration, user and administrator changes made across Microsoft hybrid environments.
To further help customers tighten their security posture, streamline auditing processes, and adhere to compliance requirements, On Demand Audit now features new support for Teams and delivers the necessary auditing and alerting on all critical events to minimize vulnerabilities across the business collaboration tool.
With the recent organizational shift to a remote global workforce, Microsoft Teams has fast become a vital business collaboration tool of choice, with more than 75 million and growing users leveraging the collaboration platform since the global pandemic.
Teams is not only useful for overall business productivity, it also has transformed how employees communicate, share information, and maintain relationships when scattered across the globe.
With an increase in business-critical information being shared across productivity platforms such as Teams, and hackers looking to exploit today’s work from home era, it has increased the surface area that IT teams must manage and secure across the organization.
To better defend against emerging cyber security threats looking to leverage Teams as the entry point, On Demand Audit with Teams support gives IT teams the necessary auditing and alerting for events such as configuration and setting changes, guest user activity, and when new Teams or channels are created.
Mitigate security risks across hybrid environments
Although global organizations are accelerating the transition to the cloud, the reality today is that many businesses manage a hybrid platform environment, keeping some workloads on-premises with others in the cloud. Complexities can be associated with managing a hybrid cloud infrastructure, particularly when it comes to ensuring a strong security posture.
Combined with the explosive growth of data flowing across the organization and more workloads moving to the cloud, it’s a tall order for IT teams to ensure accurate auditing and compliance requirements are met to support this hybrid business model.
To tighten an organization’s security posture and mitigate risks to workloads on premises and in the cloud, Quest On Demand Audit now features enhanced visibility and insight across AD, Azure AD, and Microsoft 365, as well as on-premises authentications with the new integration of Change Auditor for Logon Activity.
This capability provides a single pane of glass view that captures, alerts and reports on all AD logon/logoff and Azure AD sign in activity. With real-time email alerts, IT admins have complete, accurate visibility into usage patterns and can respond to suspicious logins from anywhere on any device.
“Our approach with On Demand Audit is unique as it’s hybrid-enabled to support seamless integration with our on-premise Change Auditor solution, so customers benefit with that extra level of security either on-premises or in the cloud,” said Brad Kirby, Senior Director, Product Management, Quest Microsoft Platform Management business.
“Customers have trusted Quest for 25 years to help them leverage their organizational investments in Microsoft platforms with proven solutions to better manage and secure these environments.
“More than 11,000 organizations globally have leveraged our on-premises auditing offering, Change Auditor, and with On Demand Audit, we are making it simple for customers to extend their cyber resilience posture to the cloud when they are ready.”
New On Demand Audit Hybrid Suite enhancements include:
- Teams auditing support: Automatically audits and alerts admins on all critical events, such as tenant-level configuration changes, Teams and channel creation, and guest activity.
- Change auditor for logon activity integration: Provides tracking of Azure AD sign-in activity and AD logon/logoff, including both Kerberos and NTLM authentications.
- Golden ticket detection: Alerts admins when common Kerberos authentication vulnerabilities are exploited, which could indicate a potential Golden Ticket / Pass-the-ticket attack.