Active Directory – Access Rights Management

The IT department’s love-hate relationship with Active Directory is mostly justified. However, we have just the solution to make your life easier and your information more secure at the same time. That’s a win-win in anyone’s book.

So, how does it all go so wrong with Active Directory?

When an employee logs into their computer on the office network, they join a Windows domain administered Microsoft Active Directory, which checks the submitted password and determines whether the rights of the user are correct, and, if so, what files an employee may access.  The user logging in could be a system administrator, a normal user with elevated privileges or a normal user with standard accesses. Active Directory manages these access rights for you based on the privileges you’ve authorised for each user.

The issue here is that Active Directory, although fundamental to an organisation, is not easy to manage or easy to extract information from.  This is compounded by the normal growth of business over time. Many organisations have expanded by acquisition so that the once structured and efficient Active Directory has now grown into a complex beast that many IT admins loathe tackling.

This growth in complexity results in a situation is called the “Apprentice Effect”. This is where a new joiner or graduate, who over time may move from one department to another, is given additional access for each area. However, no one remembers to remove or change their access level, so the result is that over time they have access to everything. Both long and short-term users of Active Directory may find that’s a rather charitable view of it. Although Active Directory can be very complex, it is the fundamental application which that all organisations use.

At Guardian Technologies, we recommend a newer and far more approachable piece of software called Solar Winds Access Rights Manager (ARM), developed by Protected Networks.

Identifying the above and the many other access issues can be challenging. To then resolve and update the rights as they should be, is an even more significant project. Using our unique access rights management solution, which brings a new level of ease in handling this complex task, can help a business establish a robust security framework to successfully minimise exposure to insider threats.

We’ve used ARM as our preferred solution for a long time, and with its latest major release we are pleased to say that we feel that this solution is the best option in the marketplace today. ARM allows you to:

  • Analyse your permissions at a glance: the software provides a comprehensive overview of the access rights situation for all the resources in your organisation.
  • Visualise the permissions to easily understand how the Active Directory is constructed.
  • Monitor security: the relevant actions in Active Directory and on your file servers are continuously monitored.
  • Control over user provisioning: you can set rules for the creation of new user accounts, the provisioning of rights and the editing of account details.
  • Have an audit trail: the software records any access rights activity in our logbook and creates audit proof reports that you can produce at any time.
  • Save time: because of the role and process optimisation your access rights management process and involves only the most important actors.

Why use Guardian Technologies?

There are many security risks across the management of your Active Directory that any company faces in today’s digital world.   Identifying the many access issues can be challenging, to then resolve and update the rights as they should be can be a large project.  Using our ARM our access rights management solution which brings a new level of ease in handling this complex task can help a business to establish a robust security framework to successfully minimise exposure to insider threats.

Our ARM access right product is designed for businesses with over 100+ employees that are using Microsoft Active Directory. Its intuitive and easy to use interface provides a simple and efficient way to track team changes and adjust the individuals’ access to files accordingly. ARM can be used in a number of different ways depending on the maturity of the Active Directory configuration.

We like to do business with like-minded organisations who see the need to enhance their information security provisions but may not have the experience to do so in-house or are growing at such a rate that the in-house IT team need some additional support.

If you are concerned about your business information security contact us to arrange your FREE 60-minute consultation