Disaster Waiting to Happen

Group Mismanagement: A Disaster Waiting to Happen

If you’re like most IT professionals, you don’t bother to update an Active Directory group’s membership. What’s the big deal? You may have read our articles about the realities of IT not focusing on groups or about the importance of putting some basic management in place — or better yet, a full group management lifecycle…

Empowering External Attacks: The Risk and Threat in Active Directory Groups

According to the 2015 Verizon Data Breach Investigations Report, approximately 85% of data breaches are performed by an external threat actor, with approximately 45% of those breaches focusing on credentials. This makes sense. Without proper credentials, the threat actor won’t be able to access the target data they want. Most threat actors gain entry by…

Unknown User

Active Directory Groups: What You Don’t Know CAN Hurt You!

When’s the last time you actually managed your Active Directory groups? Be honest. We’re not talking about that last time you added someone to a group. We’re talking about the last time you actually did some homework to ensure that the group had the right members, that the permissions were assigned correctly, etc. It’s probably…

3 Steps to Better Group Management

Group management in Active Directory is so much more than just making sure that memberships are correct. There’s an entire lifecycle process devoted to improving the management of groups — and the security they represent. But for many of you, there simply isn’t enough time (yet) to devote to implementing an entire group lifecycle. So,…

AD Squatter

Are Users “Squatting” in Your Active Directory?

While they’ve been around for decades, in recent years we’ve all been introduced to squatters — people who move into an empty house that isn’t theirs and then take full advantage of the benefits of having a place to stay. They obtain utilities, setup mail delivery, maybe even meet the neighbors — all the while…

Six Degrees of IT Separation

Six Degrees of IT Separation

We are all well aware of the theory that every person is separated from everyone else by only six people. In fact, one 2013 study showed that this separation was just a little over 3.5 people. Although not as widely recognized, there is also a degree of separation between the people in IT who establish…

Temp Security

Temp Employees: A Forgotten Threat

In some ways, there is no greater threat to security than a temp employee. At first glance, the previous statement might not make much sense. After all, the temp has comparatively the least amount of privileges, and they have those privileges for only a short period of time. In reality, however, the accounts created for…

Cloud vs. On-Premises

SharePoint Security: More than just a “cloud vs. on-premises” discussion

Whenever the topic of moving to the cloud comes up, it’s inevitable that the topic of security also arises. And rightly so: the cloud can create a host of security risks concerning who has access to services and data, from both an IT and an end-user perspective. A recent article on SharePoint adoption cited the…

Uncovering Risk

Uncovering the Risk in Your Security

If you were asked, “Is your environment secure?” you’d probably respond with something like “more or less.” After all, we IT professionals are pretty logical, and while we make a solid effort, there are areas of our network environments that are in less-than-desirable shape. You have a lot on your plate, and you just don’t…