AJS Blackfox: Learning the right lessons from past mistakes

AJS Blackfox, a growing French company

In 2017, AJS suffered a cyber-attack. While the company received compensation thanks to a cyber insurance policy that its leadership had proactively secured, the incident highlighted that even small and medium-sized companies (SMEs) operating in non-strategic sectors are still attractive targets for cybercriminals.

Following its analysis of the attack, the insurance provider recommended that AJS’s management team enhance their IT system security to mitigate the risk of future cryptolocker breaches. Given the organization’s fleet of PCs and tablets, it was essential to reinforce the security of its Active Directory environment. In response, AJS implemented Specops Password Policy to address these vulnerabilities. The solution was deployed promptly and efficiently.

Getting to grips with Specops software

Guillaume, who joined AJS to take over technical support, also quickly took charge of Specops solutions. He says,

“I’m very satisfied with the tool overall. It’s easy to use and offers more features than the default Active Directory settings.”

Specops Password Policy now delivers ongoing protection for the company’s Active Directory while also ensuring AJS remains compliant with the strict security standards established as a result of its insurance provider’s assessment.

To keep a close watch, Specops Password Auditor offers full visibility across the entire Active Directory environment. For Guillaume, “Specops Password Auditor is a truly innovative tool, unique in its approach.” 

Regular scans – every three to six months – help maintain good hygiene across the company’s network infrastructure. Inactive accounts are flagged, and Auditor provides a comprehensive overview of password health, including verifying that passwords are mandatory, not empty. This prevents AJS from having administrator accounts for service applications without passwords, a preferred attack vector for hackers.

Specops solutions have become an integral part of the company’s IT environment. As Guillaume affirms,

“I’m not aware of any other solution that offers the same capabilities as Specops and delivers them as effectively.”

With peace of mind that AJS’s D environment is secure, he can now focus on projects that drive the company’s growth, such as infrastructure enhancements and office relocations.

What lessons can be learned?

Security also relies on employee education. For every new hire, the technical team dedicates two to three hours to raising awareness about cybersecurity risks and clearly explaining the organization’s password policies. This process includes ongoing reminders and periodic checks to ensure that sensitive information is stored securely; for instance, making sure that passwords are not written down on Post-it notes. Regular training is essential to reinforce a key message: using “123456,” repeated characters, or predictable patterns are ineffective against modern cyber threats.

AJS has relied on Specops solutions for a number of years. In the face of an ever-growing landscape of cyber threats, the technical team considers Specops Password Policy to be a critical component of their security strategy.

An informed user base is a powerful line of defense. While taking out insurance can offer some relief, implementing robust protection for Active Directory remains essential for risk mitigation, especially when ransomware demands average $2 million.