BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Webcast Recap: Leveraging Active Directory as a Unified Identity Store with Microsoft MVP, Darren Mar-Elia

Posted May 29, 2014    Chris Burd

darren-mar-eliaWith over 15 years of history, Active Directory (AD) is the original source of authentication and authorization as a service, providing businesses with a trusted way to consolidate and manage identity. But how and why companies use AD – from an OS directory to an identity store – has constantly evolved.

BeyondTrust recently partnered with Darren Mar-Elia, Microsoft MVP and Contributing Editor at Windows IT Pro Magazine, for a webcast discussing the advantages and history of consolidating identity on AD. Below are key takeaways from the webcast, followed by an on-demand recording of the presentation.

Active Directory to control access to corporate resources

Mar-Elia notes that, while we may prioritize different aspects of the IT environment today, the main purpose of AD hasn’t changed much over the years. In most enterprise environments, AD is vital in authenticating users (via Kerberos) and controlling access to company resources (think SharePoint and mailbox access).

As the IT industry develops, AD provides greater ongoing control over access to corporate resources such as Windows desktops and servers and Linux/UNIX servers, not to mention applications that run on a variety of platforms like Sharepoint, Weblogic Java, and NAS appliances. The result is the use of AD as the de facto standard for identity in the enterprise, regardless of which device is connected.

Active Directory to reduce your identity footprint

As controlling access and provisioning and de-provisioning become more critical, IT teams place more importance on consolidating the identity stores they need to worry about. But since, for many companies, AD is just one of many identity stores and meta-directories, it’s not always being used to its fullest potential.

In order to protect your data, you need to be able to easily track who has access to which resources. Consolidating identity into AD allows you to reduce the number of directories to synchronize, thereby organizing and reducing your identity footprint. It also reduces the number of places you need to audit and monitor for authentication and authorization, as well as the points of control for provisioning and de-provisioning. Finally, it provides the ability to leverage the same tools you use for managing AD for managing authentication and authorization for most of your IT resources.

AD as a single platform to audit the use of authoritative data makes your life easier – auditing access, changes, and usage across all platforms becomes a matter of collecting and reporting on AD security logs. To improve your internal security processes, consolidate your identity stores and use AD for reporting and auditing. From authentication and authorization for users, to applications for monitoring a variety of platforms, AD can provide a single “source of truth” for identifying people and their functions despite organizational changes.

> Learn about BeyondTrust’s solutions for Active Directory Auditing and Recovery
> Download a PDF overview of our Active Directory Auditing and Recovery solutions

Tags:
, , , , , , ,

Leave a Reply

Additional articles

skeletonkey3_713678_713680

Stopping the Skeleton Key Trojan

Posted June 29, 2015    Robert Auch

Earlier this year Dell’s SecureWorks published an analysis of a malware they named “Skeleton Key”. This malware bypasses authentication for Active Directory users who have single-factor (password only) authentication. The “Skeleton Key” attack as documented by the SecureWorks CTU relies on several critical parts.

Tags:
, , , , ,
webinar 2

On Demand Webinar: 10 Steps to Building an Effective Vulnerability Management Program

Posted June 26, 2015    BeyondTrust Software

In this on demand webinar, Cybersecurity Expert, Derek A.Smith will take you through his 10 steps for a successful vulnerability management program and how to get started now.

Tags:
, ,
AHHA_PRO.LOGO

Privileged Account Management – Another AH-HA in Cyber Security

Posted June 25, 2015    Nigel Hedges

I strongly believe that the Top 4 mitigation strategies don’t just simply apply to Australian organizations, it should be a global realization, a worldwide “ah ha!” for those still not quite understanding the importance here. Here’s a refresher (or intro) on the Top 4 mitigation strategies. Read on…

Tags:
, ,