Launched with Windows 2000, Active Directory has become the most deployed directory service around. Yet despite its 22-years of use, many organisations are worried about security. So where do you start to understand your risks and what can you do to solve them.
Enterprise Times spoke with Mickey Bresman, CEO of Semperis, about AD and the challenges it presents to organisations. Semperis is focused on securing AD both on-premises and in the cloud. ET asked Bresman how AD became so messy?
Bresman replied, “AD is a great solution so let’s start with that. It plays a crucial role and still does what it’s supposed to do. What changed is what happened in the world in the last 20 years.” Those changes that Bresman refers to include cloud, work from home, mobile devices, IoT and the explosion of things that now sit in AD.
That explosion of things has created a moving feast for administrators. The number of changes that occur in AD is larger than many realise. According to Bresman, “In the larger enterprise, I’ve seen 10 of 1000s of changes to objects on a daily basis.” The challenge for administrators is tracking those changes and ensuring they are all supposed to happen.
So how do we improve the situation? Bresman says, “There are several things people can do. AD security assessments, red teaming exercises and using the MITRE and ANSI attack frameworks. They also need to track configuration drift to see how quickly AD is changing.”
To hear what else Bresman had to say, listen to the podcast.
Where can I get it?
You can listen to the podcast by clicking on the player below. Alternatively, click on any of the podcast services below and go to the Enterprise Times podcast page.