BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Webcast Recap: Leveraging Active Directory as a Unified Identity Store with Microsoft MVP, Darren Mar-Elia

Posted May 29, 2014    Chris Burd

darren-mar-eliaWith over 15 years of history, Active Directory (AD) is the original source of authentication and authorization as a service, providing businesses with a trusted way to consolidate and manage identity. But how and why companies use AD – from an OS directory to an identity store – has constantly evolved.

BeyondTrust recently partnered with Darren Mar-Elia, Microsoft MVP and Contributing Editor at Windows IT Pro Magazine, for a webcast discussing the advantages and history of consolidating identity on AD. Below are key takeaways from the webcast, followed by an on-demand recording of the presentation.

Active Directory to control access to corporate resources

Mar-Elia notes that, while we may prioritize different aspects of the IT environment today, the main purpose of AD hasn’t changed much over the years. In most enterprise environments, AD is vital in authenticating users (via Kerberos) and controlling access to company resources (think SharePoint and mailbox access).

As the IT industry develops, AD provides greater ongoing control over access to corporate resources such as Windows desktops and servers and Linux/UNIX servers, not to mention applications that run on a variety of platforms like Sharepoint, Weblogic Java, and NAS appliances. The result is the use of AD as the de facto standard for identity in the enterprise, regardless of which device is connected.

Active Directory to reduce your identity footprint

As controlling access and provisioning and de-provisioning become more critical, IT teams place more importance on consolidating the identity stores they need to worry about. But since, for many companies, AD is just one of many identity stores and meta-directories, it’s not always being used to its fullest potential.

In order to protect your data, you need to be able to easily track who has access to which resources. Consolidating identity into AD allows you to reduce the number of directories to synchronize, thereby organizing and reducing your identity footprint. It also reduces the number of places you need to audit and monitor for authentication and authorization, as well as the points of control for provisioning and de-provisioning. Finally, it provides the ability to leverage the same tools you use for managing AD for managing authentication and authorization for most of your IT resources.

AD as a single platform to audit the use of authoritative data makes your life easier – auditing access, changes, and usage across all platforms becomes a matter of collecting and reporting on AD security logs. To improve your internal security processes, consolidate your identity stores and use AD for reporting and auditing. From authentication and authorization for users, to applications for monitoring a variety of platforms, AD can provide a single “source of truth” for identifying people and their functions despite organizational changes.

> Learn about BeyondTrust’s solutions for Active Directory Auditing and Recovery
> Download a PDF overview of our Active Directory Auditing and Recovery solutions

Tags:
, , , , , , ,

Leave a Reply

Additional articles

CyberResiliency

6 things I like about Gartner’s Cyber Resiliency Strategy

Posted August 27, 2015    Nigel Hedges

There were 6 key principles, or recommendations, that Gartner suggested were important drivers towards a great cyber resiliency posture. I commented more than once during the conference that many of these things were not new. They are all important recommendations that are best when placed together and given to senior management and the board – a critical element of organisations that desperately need to “get it”.

Tags:
,
powerbroker-difference-1

Why Customers Choose PowerBroker: Flexible Deployment Options

Posted August 26, 2015    Scott Lang

BeyondTrust commissioned a study of our customer base in early 2015 to determine how we are different from other alternatives in the market. What we learned was that there were six key differentiators that separate BeyondTrust from other solution providers in the market. We call it the PowerBroker difference,

Tags:
, ,
Mac-Security-Enterprise

On Demand Webinar: Security Risk of Mac OS X in the Enterprise

Posted August 20, 2015    BeyondTrust Software

In the last several years, Mac administrators have come to realize that they may be just as vulnerable to exploits and malware as most other operating systems. New malware and adware is released all the time, and there have been serious vulnerabilities patched by Apple in the past several years, some of which may afford attackers full control of your systems.

Tags:
, ,