Managing information system security is a priority for every organization. In fact, the level of security provided by software vendors has become a differentiating factor for IT purchase decisions. Quest strives to meet standards designed to provide its customers with their desired level of security as it relates to privacy, confidentiality, integrity and availability.
This document describes the security features of Quest® Security Guardian. This includes access control, protection of customer data, secure network communication, and cryptographic standards.
Quest® Security Guardian is an integrated On Demand solution that helps you keep the Active Directory domain(s) and Entra ID tenant(s) in your organization secure.
You can:
-
Identify Tier Zero objects in Active Directory.
-
Identify Privileged objects in Entra ID.
-
Certify that objects are indeed Tier Zero or Privileged and, when Quest Change Auditor version 7.4 is integrated, protect Active Directory Tier Zero objects against unauthorized or accidental modification or deletion.
-
Run pre-defined Security Assessments to identify vulnerabilities in Active Directory and Entra ID and create your own Assessments.
-
Investigate Findings for Tier Zero and Privileged objects, vulnerabilities identified through Assessments, and Critical Activity from On Demand Audit.
-
Have Findings forwarded to a SIEM tool and alerts sent to selected email recipients.
The following scheme shows the key components of the Security Guardian configuration.
Figure 1: High-Level Architecture
Microsoft Azure datacenters have the highest possible physical security and are considered among the most secure and well protected datacenters in the world. They are subject to regular audits and certifications including Service Organization Controls (SOC) 1, SOC 2, and ISO/IEC 27001:2005.
Relevant references with additional information about the Windows Azure datacenter security can be found here: