Group Policy Objects (GPOs) are designed to streamline IT operations and provide centralized security policies across the Active Directory environment. Like any other powerful system, however, they can be abused or infiltrated to circumvent security controls and gain access to sensitive data. Some midsize and large organizations have hundreds and sometimes thousands of GPOs deployed across widely distributed environments, creating not only a huge insider threat but also a large attack surface if the proper compensating security controls are not in place.
This white paper describes how GPOs can be abused or exploited when the proper security controls are not in place and explains how to implement a layered security architecture that allows you to detect, alert on and prevent unauthorized access to GPOs.