Since 2012, Jonathan Blackwell, an engineer and innovator, has provided engineering leadership that has put GroupID at the forefront of group and user management for Active Directory and Azure AD environments. His experience in development, marketing, and sales allows Jonathan to fully understand the Identity market and how buyers think.
One of the greatest faults in the architecture of AD is the complete lack of documenting when someone assigns permissions to it. You know what I’m talking about – you’re in SharePoint, or on a file server and you add some permissions to a resource. You grab a list of users and groups from AD,…
If I was to ask you who are the members of a given group with permissions to some sensitive application or data set (one other than, say, Domain Admins), you probably don’t know the answer to that. It’s a bit of an unfair question, as none of us strive to memorize the membership of any…
We’ve spent a lot of time and effort on this blog working to educate you on best practices around specific aspects of AD group management, such as roles for delegation, the use of dynamic memberships, defining Active Directory health, and more. All of these blogs are part of a larger view of groups – one…
I recently wrote about the cost of managing Active Directory groups, where a look was taken at how calculating what it truly costs your organization to manage groups within AD. For organizations large and small, the costs (relatively speaking) are material. And those material costs only revolve around IT reacting to the requested changes made…
In keeping with our mantra of Better Groups, Better Security, we look for great ways you can improve your security through better group management. While the amount of work needed to add a single user to a group takes the smallest of efforts, it’s when you make a conscious effort to improve the security of…
Passwords are one of the most insecure security measures today. The same passwords are listed as the most used year after year (which is simply a repercussion of too many systems/passwords), and when they’re forgotten, password resets via the helpdesk have zero validation around who’s actually calling. To simplify the process of password resets, self-service…
In a recent article, we discussed how Password Self-Service (PSS) needs to be managed with a degree of granularity. The basis for this argument is that users with varying levels of elevated privileges should be protected with additional layers of complexity and scrutiny. This allows an organization to ensure appropriate levels security are enforced based…
In a world where organizations need to implement layers of security to protect themselves from the dangers of external attacks, it becomes more and more important to know someone is who they say they are – often on an on-going basis. Compromised credentials via successful malware attacks make even the most trusted of users a…
There’s this quote from a Dr. Who episode that has stuck with me – “We’re all stories, in the end.” It speaks to the finality that nearly everything – and everyone – eventually has its demise and becomes nothing more than folklore. And in IT, this especially rings true. When you hear a name like…
With users having so many passwords – both personally and professionally – and with the ability to have operating systems and browsers remember password on the user’s behalf, it’s understandable that they may find themselves forgetting their password at one time or another. They can use the age-old insecure process of calling the helpdesk, or…