Active Directory Permissions
commissum provides an AD Permissions Audit to ensure Microsoft Active Directory security.
Many organisations moved to the Active Directory (AD) platform several years ago. They believe that if they have IP addresses, files, printing, Internet access and email, then the AD must be in order.
Indeed, it may well be functioning adequately at a basic level, but on the other hand it may not be. In either case, the AD is unlikely to be robust, and almost certainly will not be documented.
Over the course of time, assignment of permissions across your infrastructure will have become fragmented as employees change roles. In addition, separation of duties (if built in originally) may have slipped, controls may no longer be rigorous enough, and security gaps may lead to security issues
. This "permissions creep" is of particular concern where permissions may "open a back door" into your infrastructure for remote users and third-party VPN users.
To address this problem, commissum has developed an Active Directory Permissions Audit, whereby we conduct a security-driven investigation into user and administrator permissions within the directory infrastructure. This audit identifies irregular permissions and permissions that appear to be excessive or outdated.
Approach
commissum's approach is to audit membership of groups to assist in:
- Identifying users in an excessive number of groups.
- Identifying users in legacy groups.
- Identifying users in sensitive groups.
- Identifying users in administrative groups.
commissum will audit access rights on key programs, prioritising users and groups relating to third-party VPN access. This process assists in the following:
- Identification of excessive rights for executing sensitive server functions.
- Identification of excessive rights to IT support functions.
- Identification of legacy permissions.
- Production of a report on the above, which includes recommendations to address current issues, and any high-level recommendations as to future monitoring and management.
Get in touch with one of our security consultants today
- No obligation
- Expert advice
- Tailored solutions
"commissum understood exactly what we needed and delivered excellent service on time, and on budget. Why can't all companies be like them!"
Mr Duncan M, Information Security Manager - National Building Society
Latest News
Botnets go mobile and net a lucrative catch
Researchers at security firm Symantec and at North Carolina State University have recently discovered a large and successful botnet -- with the twist that this one involves mobile phones, specifically Android smartphones.A botnet is a cluster of devices infected with the same malware (unknown to their owners), and under the ...Wed 15 Feb, 2012 //
_display_thumbnail_image.jpg)
Government cybersecurity report urges awareness rather than fear
The UK Government's Science and Technology Committee has released a report on malware and cybercrime in the UK.Malicious software, or "malware", infects computers and steals banking details and personal identity information, which can be used for identity theft. It poses a growing threat in the UK, as more people use ...Fri 10 Feb, 2012 //
UK cyber-security among the world's best in recent report
A new report collates the views of international cybersecurity experts to grade several countries according to the strength of their defence against Internet attacks.  The report, sponsored by the computer security company McAfee, ranks Israel, Finland and Sweden as the top-performing countries, with four and a half out of five ...Tue 31 Jan, 2012 //
