Written by CloudTalent – published 24 November 2015
Every business has information it needs to protect, yet many businesses still simply assume their intellectual property and customer data are safe and secure. Assuming data hacking happens to someone else isn’t wise – ask the people at TalkTalk and Vodafone. We will always be playing catch-up against attackers, since it’s easier to destroy than build. And what we are learning now is that hackers have no pattern. Think that they target only money or IP? Think again. Attackers are targeting charities, small or large businesses, government departments etc. There simply is no rhyme nor reason! But don’t just take my word for it, this link may just surprise you.
I have been helping companies improve Identity Management for the last 20 years and time and again I keep on meeting clients who take the subject seriously, yet don’t get around to managing it effectively. Too often I’m left with the thought “how have they survived attacks or malicious threats for so long?”
Issues often arise from poorly maintained Active Directory environments – software used by over 90% of the world’s organisations to host their identities. Active Directory is 15 years old, and what we are seeing is a vast amount of organic growth with little to no planning, design strategy or identity management. Over time a business’s Active Directory can become degraded – particularly when companies merge or split, but often because there was little understanding of just how quickly things can get out of control when not properly managed.
So how can you tell whether your business is vulnerable?
Here are the 10 things to look out for:
- Active accounts for ex-employees
- Too many user accounts in your administration groups
- Active accounts for people that never joined the company in the end
- Users who, through moving around the company, have acquired access to data they no longer need or should no longer have
- Access groups that no longer resemble the requirements of the organisational roles
- A hugely complex access model that nobody can unpick or dare to go near
- Proliferation of Active Directory forests due to lack of long-term planning and short-term tactical solutions
- Incomplete migrations leading to token bloat and vulnerabilities through SID History, which in turn lead to complexity and higher costs
- Lack of self-service capabilities that can open up social engineering possibilities, which also generates reduced productivity and high support costs
- Staff use of single accounts to perform administrative tasks, as well as day-to-day tasks, including accessing the internet
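Several of these symptoms can be checked mechanically from an export of account attributes. The following Python example is an addition, not part of the original post: the export column names, the leaver list, the admin threshold and the sample rows are all constructed assumptions, and a mailbox on an admin-group member is used only as a rough heuristic for one account doing both admin and day-to-day work.

```python
import csv, io
from datetime import date

# Constructed sample: flattened export of directory user attributes.
# Column names are assumptions; groups are ';'-separated.
EXPORT = """sam,enabled,created,last_logon,groups,sid_history,mail
asmith,true,2012-03-01,2015-11-20,Domain Users,,asmith@example.com
bjones,true,2010-06-15,2015-02-02,Domain Users;Finance,,bjones@example.com
cnew,true,2015-08-01,,Domain Users,,
dmigr,true,2009-01-10,2015-11-23,Domain Users,S-1-5-21-1111-2222-3333-1105,dmigr@example.com
eadmin,true,2011-05-05,2015-11-23,Domain Users;Domain Admins,,eadmin@example.com
adm-fred,true,2013-02-02,2015-11-22,Domain Admins,,
ghelp,true,2014-07-07,2015-11-21,Domain Users;Domain Admins,,ghelp@example.com
hleft,false,2008-01-01,2014-01-01,Domain Users,,
"""
HR_LEAVERS = {"bjones", "hleft"}   # constructed: people HR records as having left
ADMIN_GROUPS = {"Domain Admins", "Enterprise Admins"}
MAX_ADMINS = 2                     # assumed policy threshold, tune per organisation

def audit(export=EXPORT, leavers=HR_LEAVERS, today=date(2015, 11, 24), grace_days=30):
    """Flag enabled accounts matching checklist symptoms 1, 2, 3, 8 and 10."""
    f = {"ex_employee_active": [], "never_logged_on": [], "sid_history": [],
         "admins": [], "admin_daily_use": []}
    for row in csv.DictReader(io.StringIO(export)):
        if row["enabled"] != "true":
            continue                              # disabled accounts are out of scope
        sam, groups = row["sam"], set(row["groups"].split(";"))
        if sam in leavers:                        # active account for an ex-employee
            f["ex_employee_active"].append(sam)
        age = (today - date.fromisoformat(row["created"])).days
        if not row["last_logon"] and age > grace_days:
            f["never_logged_on"].append(sam)      # likely never joined the company
        if row["sid_history"]:                    # leftover from an incomplete migration
            f["sid_history"].append(sam)
        if groups & ADMIN_GROUPS:
            f["admins"].append(sam)
            if row["mail"]:                       # heuristic: admin account with a mailbox
                f["admin_daily_use"].append(sam)
    f["too_many_admins"] = len(f["admins"]) > MAX_ADMINS
    return f

if __name__ == "__main__":
    for check, result in audit().items():
        print(f"{check}: {result}")
```
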
So what should you do to improve security?
Well, either wait until my next blog or get in touch. I would be delighted to hear from you.