Security issues in group management
Posted on 19 November 2008.
Consider the security risk if you moved into a new apartment and the landlord didn't bother getting the keys back from the previous tenants. One night while you are away the previous tenant slips back into your place and takes your valuables. Upon confronting the landlord, you find that getting the keys or switching the locks wasn't a priority for him. For a company this is what it's like with each employee promotion, division switch, project completion, or termination. With each delay in updating Active Directory, the system administrator is essentially leaving the door unlocked and putting a company's assets at risk.

According to a study conducted by Osterman Research and sponsored by Imanami, 42 percent of organizations report unauthorized access of information through Active Directory.

How serious is this? Imagine a company with 3,000 employees with a turnover rate of 10 percent. Until system administrators delete Active Directory access and disable access to their credentials, 300 former employees have access to email and other network resources specific to their former job function. This doesn't even take into account the amount of internal turnover of jobs. In fact, 44 percent of the respondents have received an email sent to a distribution list that used to be relevant to their job but is no longer.

Group management for Active Directory is time consuming and takes on average 5.8 hours per 1,000 users a week to manage. This is a mundane task which 81 percent of respondents manage manually, and only 7 percent use a solution to automate the process.

The problem is that although system administrators understand groups need to be managed, it is not a top priority and in fact falls to the bottom. 27 percent of respondents found managing Active Directory to be more boring than managing email servers, 21 percent found it more boring than filling out expense reports, and 19 percent found it more boring than taking out the garbage.





Spotlight

51% of consumers share passwords

Posted on 20 August 2014.  |  The research revealed that consumers are not only sharing passwords but also potentially putting their personal and sensitive information at risk by leaving themselves logged in to applications on their mobile devices, with over half of those using social media applications and email admitting that they leave themselves logged in on their mobile device.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Aug 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //