Folks,
Today is January 06, 2020, and as
promised, here I am getting back to sharing thoughts on Active Directory Security.
Back to the Basics (Cyber Security 101)
I'd like to kick off this blog this year/decade by asking and answering a very simple yet vital question -
What is Active Directory?
You see, while this question may seem simple to some (and it is,) its one of the most important questions to answer adequately, because in an adequate answer to this most simple question lies
the key to organizational cyber security worldwide.
The reason is very simple - if you were to ask most CISOs or IT professionals, they'll likely tell you that Active Directory is the "phone book" of an organization's IT infrastructure, and of course, since "
who really cares about a phone book" it is
this shallow view that leads so many organizations to greatly diminish the value of Active Directory to the point of sheer negligence!
In fact, for years now, this has been the predominant view held by most CISOs and organizations worldwide, and sadly it is the negligence resulting from such a simplistic view of Active Directory that the Active Directory deployments of most organizations remain substantially insecure and vastly vulnerable to compromise today.
Active Directory - The Very Foundation of Organizational Cyber Security Worldwide
If as they say, a "
A Picture is Worth a Thousand Words", perhaps I should paint you a very simple Trillion $ picture -
An organization's Active Directory deployment is quite simply its single most valuable IT and corporate asset, worthy of the highest protection at all times, because
it is the very foundation of an organization's cyber security.
You see,
the entirety of an organization's building blocks of cyber security i.e.
all organizational user accounts and passwords used to
authenticate their people,
all security groups used to
authorize access to all their IT resources,
all their privileged user accounts,
all the accounts of all their computing devices (laptops, desktops, servers etc.) are
all stored, managed and secured
in (i.e. inside) the organization's foundational Active Directory, and all sensitive/privileged actions on them are
audited in it.
In other words, should an organization's foundational Active Directory, or even a single Active Directory privileged user account, be compromised, the very foundation of the organization's cyber security, and thus the entire organization could be exposed to the risk of complete, swift and colossal compromise.
Active Directory Security Must Be Organizational Cyber Security Priority #1
Ensuring the highest protection of an organization's foundational Active Directory deployment
must, without a doubt, be the
#1 priority of every organization that cares about cyber security, protecting shareholder value and business continuity.
For anyone to whom this may still not be clear, I'll spell it out - just about everything in organizational Cyber Security, whether it be Identity and Access Management, Privileged Access Management, Network Security, Endpoint Security, Data Security, Intrusion Detection, Cloud Security, Zero Trust etc. ultimately relies and depends on Active Directory (and its security.)
In essence, today every organization in the world is
only as secure as is its foundational Active Directory deployment, and from the
CEO to the
CISO, from
IT Managers to
Auditors and from
Domain Admins to
employees, everyone should know
this fact.
Best wishes,
Sanjay.