Hi there, I’m doing some research around cybersecurity — specifically access management. Does anyone have a moment to answer the below please?

  1. Since Windows Active Directory is nearly ubiquitous in enterprises, what are IT professionals doing to secure access? What are the biggest challenges to securing user access using native Active Directory? What kind of employees do you think are most likely to open an organisation up to access risks?

  2. How big a security concern do you see access security in your organization. Do you use Windows Active Directory?

  3. What Microsoft tools bundled with Active Directory do you use or rely on? (Active Directory Users and Computers (ADUC), Group Policy Management Console (GPMC))

  4. I have a specific question around change logs (audit) supplied by Active Directory, which are very technical in nature and require manual correlation to track users. How important is it to have visibility of both user access and data/application access events?

  5. How important is real-time visibility with regards to managing access? Would you feel that without real-time visibility into who is accessing your networks and files, you’d be left significantly weakened as a result? Do you ever worry that if you can’t see what’s going on, attackers will take advantage of that?

  6. How important is it to get an alert when certain access events occur? What do you do when you’ve detected suspicious access activity? How quickly are you able to identify and contain a suspicious breach?

Very good questions, and none of them have simple answers. It is after midnight here right now so I will try to respond to some of them tomorrow. Bed is calling. :-)

Apologies, but I don't have the time to provider considered answers to that list of questions right now; my own deadlines are calling.

However, I would suggest that you take a look at the following if you haven't already:

https://technet.microsoft.com/en-us/windows-server-docs/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory

https://www.linkedin.com/pulse/active-directory-security-10-most-common-issues-rahisuddin-shah

https://adsecurity.org/?p=1684

All the best

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.