According to a study conducted by Osterman Research and sponsored by Imanami, 42 percent of organizations report unauthorized access of information through Active Directory.
How serious is this? Imagine a company with 3,000 employees with a turnover rate of 10 percent. Until system administrators delete Active Directory access and disable access to their credentials, 300 former employees have access to email and other network resources specific to their former job function. This doesn't even take into account the amount of internal turnover of jobs. In fact, 44 percent of the respondents have received an email sent to a distribution list that used to be relevant to their job but is no longer.
Group management for Active Directory is time consuming and takes on average 5.8 hours per 1,000 users a week to manage. This is a mundane task which 81 percent of respondents manage manually, and only 7 percent use a solution to automate the process.
The problem is that although system administrators understand groups need to be managed, it is not a top priority and in fact falls to the bottom. 27 percent of respondents found managing Active Directory to be more boring than managing email servers, 21 percent found it more boring than filling out expense reports, and 19 percent found it more boring than taking out the garbage.