IAM Security Needs a Solid Foundation

Implementing IAM: Don’t Get Ahead of Yourself

As your organization has grown, so has your IT infrastructure. You now have so many systems requiring some level of authentication, and so many protected data sets that need to be protected, that your organization has come to the realization that it’s time: You need to implement IAM. At first, this can be an exciting…

Bringing Shadow IT Into the Light

Bringing Shadow IT into the Light

I’ve written and spoken many times  about the topic of Shadow IT. It’s a tech buzz phrase with a somewhat negative connotation, indicating that users are taking IT matters into their own hands and bypassing IT to solve their own challenges. For the record, when a user does this and their actions put the organization…

Active Directory group owner

Does Anyone Actually Own a Group?

Unless you’ve been living in an IT-less cave for the last 16 years, you’re probably well aware of the Managed By field in an Active Directory group, as well as the option to allow that specified manager to update group membership. When Microsoft created those fields, the intention was surely to help organizations distribute the…

The Need for Protecting Your Active Directory Groups

Group Management and Your Endpoint Security Strategy

Everyone’s worried about endpoints. And you should. As evidenced by the rise in organizations experiencing attacks via malware-laden websites, phishing and spear phishing, and OS/application vulnerabilities, the endpoint is a clear target for external attackers. Compromising an endpoint is frequently the first step needed to gain a foothold within your organization’s network, giving these attackers…

Active Directory Group Consolidation

5 Best Practices for Consolidating Active Directory Groups

Face it. Consolidating groups is just one of those tasks no one really wants to take on. You know that your Active Directory is filled with a ton of unused or unnecessary groups, yet they still sit there, happily existing without any supervision. See if any of these situations sound familiar: A group with no…

Disaster Waiting to Happen

Group Mismanagement: A Disaster Waiting to Happen

If you’re like most IT professionals, you don’t bother to update an Active Directory group’s membership. What’s the big deal? You may have read our articles about the realities of IT not focusing on groups or about the importance of putting some basic management in place — or better yet, a full group management lifecycle…

Empowering External Attacks: The Risk and Threat in Active Directory Groups

According to the 2015 Verizon Data Breach Investigations Report, approximately 85% of data breaches are performed by an external threat actor, with approximately 45% of those breaches focusing on credentials. This makes sense. Without proper credentials, the threat actor won’t be able to access the target data they want. Most threat actors gain entry by…

Unknown User

Active Directory Groups: What You Don’t Know CAN Hurt You!

When’s the last time you actually managed your Active Directory groups? Be honest. We’re not talking about that last time you added someone to a group. We’re talking about the last time you actually did some homework to ensure that the group had the right members, that the permissions were assigned correctly, etc. It’s probably…

3 Steps to Better Group Management

Group management in Active Directory is so much more than just making sure that memberships are correct. There’s an entire lifecycle process devoted to improving the management of groups — and the security they represent. But for many of you, there simply isn’t enough time (yet) to devote to implementing an entire group lifecycle. So,…