If thinking of a set of keys, in which each key secures an area of your organization’s infrastructure, it makes sense to have each area only accessible via the key(s). However, what if the key ring itself, the pathway to all the keys that secure your organization, is available? Perhaps this is how organizations need to think about Active Directory(AD).
As a distributed service, AD relies upon many interdependent services distributed across many devices and in many remote locations. Monitoring of AD configurations becomes crucial as environments will just continue to grow.
Derek Melber’s thought on controlling privileged access of AD boils down to one main point, how can you restrict the privileges within an AD environment if you are not aware of who has access?
As previously discussed in Change Monitoring vs. Control vs. Management: What’s the Difference?, change management is the process of making decisions about your network, which is decided upon by a combination of effective security policy and change monitoring.
Five years ago, organizations may have been monitoring AD configurations because of best practices, or from a compliance perspective adhering to a government specific regulation. In today’s technology climate, monitoring for changes might need to be part of the organization’s security culture. Skyport’s latest research states that AD mismanagement can be to blame for 90 percent of enterprise security breaches.
Challenges with security and compliance maintenance can include designation of administrative user privileges, change management, change reversal, troubleshooting, and comprehending audit information. Securing Active Directory isn't easy.
However, we need to go back to the beginning: The large-scale problem with Active Directory is knowing who has privileges, and when or how to restrict those privileges.
Monitoring for Active Directory configurations for changes is critical. If you don't, the costs can be significant. Within the retail industry alone, Laura Minning notes the current cost per record breached is $172. For $172 per record, can your organization afford the risk?
CimTrak for Active Directory helps organizations monitor their directory services for deviations, with sensitivity to common issues that often go undetected in large environments. With human-readable logs, built-in intelligence, and accountability, CimTrak is designed for awareness. For more information, click here.
Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".