- Actively maintaining the Active Directory is a difficult task that only gets more difficult with issues like stale accounts and privilege creep.
- Adding permissions without removing them in lateral transfers creates access issues, especially when regulatory requirements like HIPAA require tight controls.
- With the importance of maintaining and granting permissions within the Active Directory, organizations are hesitant to grant domain admin access to Tier 1 of the service desk. However, inundating Tier 2 analysts with requests to grant permissions takes away project time.
- Do not treat the Active Directory like a black box. Strive for accurate data and be proactive by managing your monitoring and audit schedules.
- Catch outage problems before they happen by splitting monitoring tasks between daily, weekly, and monthly routines.
- Shift left to save resourcing by employing workflow automation or scripted authorization for Tier 1 technicians.
- Design actionable metrics to monitor and manage your Active Directory.
Impact and Result
- Consistent and right-sized monitoring and updating of the Active Directory is key to clean data.
- Split monitoring activities between daily, weekly, and monthly checklists to raise efficiency.
- If need be, shift-left strategies can be implemented for identity and access management by scripting the process so that it can be done by Tier 1 technicians.
This content is exclusive to members.
Get instant access by signing up!