Semperis Blog

Insights From Thought Leaders Around The Globe

The digital identities of modern enterprises exist in a dynamic environment. Read thought leadership from experts worldwide regarding the constantly changing global IT environment and insights for keeping up with growing demands, and securing against escalating threats and vulnerabilities.

How To Prepare For Cyberwar: It Starts With Identity

Cyberattacks are rapidly evolving in sophistication and scale. The line between the digital and the physical realm has become more blurred. Foreign cyberattackers have used destructive malware to erase data from hard drives and made moves to infiltrate industrial systems. They could make equally damaging moves in the future, given recent political events and verbal threats. Anyone in … Read More

Semperis COVID-19 Update

Semperis COVID-19 Update

Last Update March 18, 2020 This post provides information about steps Semperis is taking in response to the COVID-19 crisis. These actions are designed to ensure uninterrupted service to our customers while protecting the health and welfare of our team members and the communities where we live and work. We would also like to take … Read More

Hypervisor DC Snapshots Are No Substitute for Proper Active Directory Backups

Hypervisor DC Snapshots Are No Substitute for Proper Active Directory Backups

Most organizations have virtualized some or all their AD domain controllers. Virtualized DCs have their advantages, but they also introduce risks that didn’t exist with physical servers. One of these risks is the temptation to use hypervisor snapshots (a point-in-time VM image) for AD backups.   Don’t.  Let’s be clear: even though Microsoft supports hypervisor snapshot restores since Windows Server 2012 – i.e. they won’t break AD as they could in previous OS versions – they’re still not recommendedi. And they’re especially not recommended for forest disaster recovery scenarios.  … Read More

Cyber Scenarios Expose Shortcomings of BMR

Ransomware and wiper attacks are causing organizations to re-evaluate their backup and recovery capabilities. An obvious concern is whether backups are safe – for example, are they offline where they can’t be encrypted or wiped. While this is a good first step, it’s just that. We also need to evaluate whether the backup and recovery … Read More

Toughen Up Your AD

Toughen Up Your AD

Request for Comments (RFC) 1823 from August 1995 introduced the Lightweight Directory Access Protocol (LDAP) Application Programming Interface (API). One could argue that this important work served as the foundation for modern identity management. And yet, surprisingly, the word identity does not appear even once in the entire RFC. (The word directory shows up fourteen times and the word access appears … Read More

NSA sounds the alarm on BlueKeep

NSA Sounds the Alarm on BlueKeep

July 29, 2019 Update: With over 800,000 Windows systems still unpatched and vulnerable (as of July 2), concern over BlueKeep remains high, especially after a detailed guide on how to write an exploit was posted online last week.  Other indications that the vulnerability is not going unnoticed include publication of an exploit and discovery of … Read More