TIER MODEL / ENTERPRISE ACCESS MODEL
Although the three-tier model no longer exists in its own right, its pattern has evolved but remains a foundation to implement when creating your new infrastructure.
Documentation : https://learn.microsoft.com/en-US/security/compass/privileged-access-access-model
DEPLOY LAPS
The infrastructure is now restored.
It is now necessary to deploy LAPS via GPO on all the client workstations and servers, starting with Tier 0, so that the local administrators' passwords are changed and hardened.
The objective is that the local administrator password is difficult to find and that in case of compromise, this password is not found on the whole park.
Last updated