Management of local workstation administration accounts with Microsoft LAPS
What is LAPS?
LAPS is a system for managing local passwords on users’ workstations. This tool aims to ensure data confidentiality and reduce the risk in case of loss or theft of workstations.
What does LAPS provide?
LAPS provides security for workstations and the entire network by providing the following security features:
Generation of a unique local administrator password per workstation
Centralized storage of local administrator accounts on AD
Blocking the risk of a lateral movement attack from a compromised workstation
Centralized management of local administrator password expiration
The benefits
LAPS is integrated into the Windows system for free.
Deployment and management of the tool is done on the existing AD infrastructure
WE CAN SUPPORT YOU
Almond’s Infrastructure Security team has complete expertise in the service chain offered by Microsoft, from the workstation to the Azure Cloud, as well as in AD and Azure AD security issues.
Mastering LAPS projects is part of our catalog of skills and we will be able to adapt to your context so that you can exploit the tool’s features in an optimized and secure manner.
What are the LAPS integration methods?
ON PREMISE
Deployment and control by local strategy
IN THE CLOUD
Deployment and control on Microsoft Intune