Hi there, I’m doing some research around cybersecurity — specifically access management. Does anyone have a moment to answer the below please?
-
Since Windows Active Directory is nearly ubiquitous in enterprises, what are IT professionals doing to secure access? What are the biggest challenges to securing user access using native Active Directory? What kind of employees do you think are most likely to open an organisation up to access risks?
-
How big a security concern do you see access security in your organization. Do you use Windows Active Directory?
-
What Microsoft tools bundled with Active Directory do you use or rely on? (Active Directory Users and Computers (ADUC), Group Policy Management Console (GPMC))
-
I have a specific question around change logs (audit) supplied by Active Directory, which are very technical in nature and require manual correlation to track users. How important is it to have visibility of both user access and data/application access events?
-
How important is real-time visibility with regards to managing access? Would you feel that without real-time visibility into who is accessing your networks and files, you’d be left significantly weakened as a result? Do you ever worry that if you can’t see what’s going on, attackers will take advantage of that?
- How important is it to get an alert when certain access events occur? What do you do when you’ve detected suspicious access activity? How quickly are you able to identify and contain a suspicious breach?
