I think that moving forward, implementing JEA is one of the most important tasks to accomplish to drastically increase your companies security. You do not need to wait to upgrade to Windows V-Next — this is available now and already in use by Microsoft and other companies.
And if you looked at xJEA (the DSC Resource) and decided you couldn’t implement yet — – this is the new version – built into the #PowerShell language and ready for you to start creating secured and constrained endpoints and finally take control of over-privileged administrators.
This will immediately impact the security level of your company, and you can rollout over time, gradually improving and revising without impacting the ability of admins to perform their jobs — just removing the massive security holes.
I worked hard on this course from Pluralsight and I hope you find it a useful guide and learning experience so you can successfully take control.
Check it out: Implementing PowerShell Just Enough Administration (JEA)