What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Are You Securing Active Directory?
As an IT professional, you’ve likely made a number of different investments to protect the data within your organization. In order to help with the provisioning of user access rights, you may have invested in an Identity and Access Management (IAM) solution. You’ve likely adopted a SIEM and Data Loss Prevention (DLP) platform as well. And you should! These technologies provide critical capabilities your organization needs to safeguard your assets and achieve compliance with any number of standards.
But are you thinking about the importance of securing Active Directory as well?
According to a recent Ponemon study on The State of Data Access Governance, a surprising 62% of IT professionals rate the importance of Active Directory (AD) as very high.
The way we see it, the security of your data naturally depends on the security of AD. After all, AD is the mechanism responsible for supplying access to almost all data within 90% of enterprises worldwide. It’s the authentication and authorization hub of your IT infrastructure, and attackers know just how important it is to their ability to compromise your credentials and data.
Just think about it. Where are the vast majority of your files stored? Probably on network file shares or in SharePoint sites. What’s the most pervasive Operating System in your environment? Windows. If you’re going big in the cloud, you’re probably going big in Office 365 and Azure. What provides access to it all? You guessed it….Active Directory.
AD isn’t the thing that just lets you log in to your computer in the morning. It’s where the keys to the kingdom are held. Every attacker’s goal is to be Domain Admin. How do you know they aren’t already?
Check out the 2018 Ponemon Study on the State of Data Access Governance for more insights and be sure to check back next week for the final post in this series as I break down additional findings from the Ponemon Study. You can also subscribe to receive email alerts each time a new blog in the “What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study” series posts by signing up here.
Tracy Fey is a Technical Marketing Documentation Specialist at STEALTHbits. Tracy creates tools and content to increase awareness of STEALTHbits products and capabilities, as well as educate on a variety of subjects in the cybersecurity space.