- 4 anonymous contributors
- Actively maintaining the Active Directory is a difficult task that only gets more difficult with issues like stale accounts and privilege creep.
- Adding permissions without removing them in lateral transfers creates access issues, especially when regulatory requirements like HIPAA require tight controls.
- With the importance of maintaining and granting permissions within the Active Directory, organizations are hesitant to grant domain admin access to Tier 1 of the service desk. However, inundating Tier 2 analysts with requests to grant permissions takes away project time.
- Do not treat the Active Directory like a black box. Strive for accurate data and be proactive by managing your monitoring and audit schedules.
- Catch outage problems before they happen by splitting monitoring tasks between daily, weekly, and monthly routines.
- Shift left to save resourcing by employing workflow automation or scripted authorization for Tier 1 technicians.
- Design actionable metrics to monitor and manage your Active Directory.
Impact and Result
- Consistent and right-sized monitoring and updating of the Active Directory is key to clean data.
- Split monitoring activities between daily, weekly, and monthly checklists to raise efficiency.
- If need be, shift left strategies can be implemented for identity and access management by scripting the process so that it can be done by Tier 1 technicians.
This guided implementation is a five call advisory process.
Guided Implementation #1 - Maintain Your Active Directory With Clean Data
Call #1 - Scope requirements, objectives, and your specific challenges.
Call #2 - Create organizational unit structure and policy.
Call #3 - Build monitoring and audit checklists. Design project metrics.
Guided Implementation #2 - Build Active Directory Workflows