Good Stuff Bad Stuff

A Practical How-To Guide for Cybersecurity

This site is an evolving collection of step-by-step guides to decrease your risk of becoming the victim of a successful cyber attack, quickly, cheaply, and with the highest returns for least effort. It assumes nothing and starts at the very beginning, spiraling outwards through different themes with increasing maturity at each pass. By following these guides you'll be able to make things a little better each day.

A long time ago I was asked to define some abstract architectural principles that can be applied when designing things. In it's most abstract form, the principle for everything is 'only do good stuff, don't do bad stuff'. The rest is just details. And that's where the name of this site comes from.

Intended Audience

These guides are aimed at the majority of organisations today that are running on Laptop and Desktop computers with Microsoft Windows and Office, applications running on Windows Server, and maybe some Linux servers running web applications with everything else in the Cloud. For the many, many companies running completely on Macbooks and Google Docs - sorry, but this isn't for you just yet.

If there's anything specific you'd like me to cover, or errors I need to correct, please get in touch:

• twitter.com/craighays
• Craig@CraigHays.com

1. Identifying your assets
2. Securing the permimeter
   1. External footprint discovery and reduction
   2. Multi-Factor Authentication for all remote access
3. Cleaning up unused stuff
   1. Disable unused accounts
   2. Delete accounts that have never been used
   3. Delete accounts that have been disabled for 30 days
4. Privileged Access Management
   1. Microsoft LAPS and MFA with Lithnet Access Manager
   2. Delete accounts that have never been used
   3. Delete accounts that have been disabled for 30 days