How to secure your organisation with Active Directory

When you log in to your corporate network, it grants you access if it finds your user ID and password to be correct. Once you are in, you are allowed access to some of the applications. Everyone will have access to the attendance/leave application; those in a particular department will have access to what they need to do their work, but these applications won’t be accessible to other departments. And only a select few, like the CXOs, will have access to, say, the overall revenue and profit numbers.

This entire authentication and authorisation process is managed by what’s called the Active Directory, and it plays a central role in ensuring security. That was the subject of the Times Techies Webinar last week. Vivin Sathyan, senior technical evangelist with ManageEngine, the arm of Zoho Corp that provides enterprise IT management solutions, said Active Directory also enables centralised administration. “IT administrators can monitor and manage the entire system centrally, instead of having to go to every individual system,” he said. In organisations with hundreds of people, going to each device to configure it would be impossible.

Rahul Sasi, founder & chairman of cyber security and machine intelligence company CloudSEK, said hackers globally tend to be successful mostly because of unpatched systems. The vendor may have provided a patch for a bug, but the organisation had not bothered to update the system, most likely because it involved the painful process of an IT person going to each device and updating them. “With an Active Directory-like system, you can manage all this centrally. That’s the easiest way to cyber security,” he said.

An extra level of security you can use is multifactor authentication – such as an OTP. And Sasi recommended you use it even for your emails and WhatsApp.

Sathyan said IT admins must implement machine learning-based alerts. “We have this concept called UEBA – user and entity behaviour analytics. Most vendors now adopt this. It understands your user’s behaviour. And when there’s a deviation from that behaviour, it flags the deviation. It is impossible to manually track these,” he said.

The deviation could be a login outside your normal work hours, or from a location that is not your normal one. “Only an algorithm, only AI/ML will be capable of going through your logs, and correlating those logs – logs from databases, apps, firewalls, anti-spam. It’s all about setting the alarms in the right places and connecting the dots. And if done quickly, you can stop the attacks,” Sathyan said.
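The two deviations named above (a login at an unusual hour, a login from an unusual location) can be sketched as a simple per-user baseline check. This is an added example, not code from the webinar or from any vendor's UEBA product; it uses fixed rules rather than machine learning, and the event format, user names, locations and thresholds are all assumptions.

```python
from datetime import datetime

# Constructed logon history: (user, ISO timestamp, source location). Not real data.
HISTORY = [
    ("alice", "2024-03-04T09:05", "office-A"), ("alice", "2024-03-05T08:50", "office-A"),
    ("alice", "2024-03-06T09:20", "office-A"), ("alice", "2024-03-07T10:02", "office-A"),
    ("alice", "2024-03-08T09:11", "office-A"),
    ("bob", "2024-03-04T22:10", "office-B"), ("bob", "2024-03-05T23:05", "office-B"),
    ("bob", "2024-03-06T22:40", "office-B"), ("bob", "2024-03-07T23:30", "office-B"),
    ("bob", "2024-03-09T00:15", "office-B"),
]

def build_baseline(events):
    """Learn, per user, the hours of day and locations seen in past logons."""
    baseline = {}
    for user, ts, location in events:
        profile = baseline.setdefault(user, {"hours": [], "locations": set()})
        profile["hours"].append(datetime.fromisoformat(ts).hour)
        profile["locations"].add(location)
    return baseline

def hour_gap(a, b):
    """Distance between two hours on a 24-hour clock, so 23 and 0 are 1 apart."""
    return min((a - b) % 24, (b - a) % 24)

def deviations(event, baseline, slack=1, min_history=5):
    """Return the reasons a logon deviates from the user's baseline (empty = normal)."""
    user, ts, location = event
    profile = baseline.get(user)
    # Too little history to judge: report that instead of silently passing the event.
    if profile is None or len(profile["hours"]) < min_history:
        return ["insufficient_baseline"]
    reasons = []
    hour = datetime.fromisoformat(ts).hour
    # Normal if within `slack` hours of any hour seen before (handles night shifts).
    if all(hour_gap(hour, seen) > slack for seen in profile["hours"]):
        reasons.append("unusual_hour")
    if location not in profile["locations"]:
        reasons.append("new_location")
    return reasons

def flag(events, baseline):
    """Keep only the events that deviate, paired with their reasons."""
    return [(e, r) for e in events if (r := deviations(e, baseline))]

if __name__ == "__main__":
    base = build_baseline(HISTORY)
    new = [("alice", "2024-03-11T03:12", "office-A"), ("bob", "2024-03-11T01:05", "office-B")]
    for event, reasons in flag(new, base):
        print(event, reasons)
```

The circular hour comparison keeps a night-shift user's 01:00 logon from being flagged, and a user with no history is reported as lacking a baseline rather than treated as normal.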

Vivin Sathyan, Senior Technical Evangelist, ManageEngine

There are various points that could be compromised, like browser, DNS server. The IT administrator has to set alarms in these places. If one of these alarms goes off, you know the exact direction to run to fix that. AI/ML is essential in this monitoring process.

Rahul Sasi, Founder & Chairman, CloudSEK

Most PCs will have malware. They will look for your bank username and password, the OTPs you receive. Or they’ll mine crypto. Don’t put personal information on the local hard drive of your PC or phone. Put it on a trusted cloud provider.
