AD management

The Reality of Active Directory Group Management

Managing Active Directory groups is probably one of the simplest tasks you perform on a regular basis. It’s right up there with resetting a password. Because it takes little effort — and even less though — it can often be easily dismissed as a routine, unimportant task. Similarly, administrators must regularly clean up user accounts and objects…

covid business impact

The Impact of COVID-19 on Businesses

More than half of the global workforce is working remotely and as the pandemic continues to threaten health, we are looking at a prolonged period of hybrid working – from home and office in different proportions. One year later… In March 2020, companies across the US abruptly shuttered their offices and instructed employees to work…

Imanami year in review

Imanami: 2020 Year in Review

2020 will be remembered as the year that changed us all. Concepts such as lockdowns, mask mandates, and social distancing were unknown to most of us. Through all the uncertainty, 2020 had its positive moments as well. We were tested and pulled from many directions, yet when it mattered, we banded together and helped each other.  We gave…

wfh collaboration tools

[How-to] implement seamless Group Governance while WFH

COVID-19 has disrupted the way many people around the world work. Instead of going into an office, attending a meeting, or shaking hands with a colleague, employees are online more than ever before.  One of the biggest changes we have been witnessing amid all this, is the need of working together, in newer ways. Such a change has triggered the need for many employees to opt for collaboration tools for group governance, enabling them to stay connected, remotely. This will…

active directory group management

Active Directory Groups Management in Enterprise Hybrid Cloud

What is a Enterprise Hybrid Cloud? Enterprise Hybrid Cloud can have everything in cloud among the services, like Okta, Sail Point, ServiceNow, Active Directory & Azure AD taking to each other. For example, a Helpdesk Request can generate from Service Now for a new user onboarding that requires provisioning an account in Okta for Single-Sign…

active directory group attestation

And who should be responsible for it?

How is your Active Directory (AD) being managed? Do you have any orphaned groups (groups without owners)? Are there groups that have outlived their purpose? Do you have users that are members of groups and they no longer need to be part of these groups? An ongoing attestation of groups is key to answering these questions.   Group objects in your directories tend to…

Expired Groups

The End of Groups: The Case for Group Expiration

Many directories contain groups so old that even you don’t know why they exist, who uses them, and what they provide access to. It’s a more common problem than you’d think.  “We should be deleting groups then, right?” might be your initial response.  And while the answer is “yes” in the short run, the reality is…

Group Lifecycle Management

AD Group Lifecycle Management – Group Attestation

Because of the lack of attention groups get throughout their lifetime, one of the greatest security risks an organization faces is when a group lives too long. Think about it – you have groups that exist today that, despite having a clear understanding of the logic behind its membership, you have zero idea why it’s…

Putting Life into AD Group Lifecycle

AD Group Lifecycle Management – Certifying Permissions

One of the greatest faults in the architecture of AD is the complete lack of documenting when someone assigns permissions to it.  You know what I’m talking about – you’re in SharePoint, or on a file server and you add some permissions to a resource.  You grab a list of users and groups from AD,…

Putting Life into AD Group Lifecycle

AD Group Lifecycle Management – Certifying Membership

If I was to ask you who are the members of a given group with permissions to some sensitive application or data set (one other than, say, Domain Admins), you probably don’t know the answer to that. It’s a bit of an unfair question, as none of us strive to memorize the membership of any…