Microsoft Active Directory Security: Risky Business?

Many organizations are potentially overconfident about Microsoft Active Directory (AD) security, according to a recent survey conducted by hyperconverged system provider Skyport Systems and Redmond Magazine.

The survey of more than 300 IT professionals showed the majority of respondents rated their AD as "secure," "very secure" or "moderately secure." In addition, only 2.5 percent of survey respondents rated their AD as "not secure."

Also, the survey revealed more than half of respondents said AD security is not a priority for the coming year, or they are unsure if it is.

Is AD Security 'Underperforming'?

The survey showed AD security is "underperforming," Skyport indicated, and key survey results included:

  • 70 percent of respondents said they neglected to implement multi-factor authentication.
  • 41 percent stated they allowed unspecified workstations to access domain controllers.
  • 22 percent noted they used admin credentials to read email or browse the web.

Active Directory "should be protected at all costs," Skyport CEO Art Gilliland said in a prepared statement, and organizations must look beyond smart configuration and governance of AD admin accounts, policies and passwords.

"We know that IT teams are being asked to do more with less, which is why it's important to explore hyperconverged security models that reduce workload and increase visibility to ensure a completely turnkey, secure environment for the applications that matter most," he stated.

Nine Active Directory Security Tips

Lepide, a provider of IT auditing, migration and recovery solutions, recently offered the following AD security tips:

  1. Use a lean model for AD administration. With a least-privilege AD administration model, an organization can assign AD administration privileges only to those who need them.
  2. Create and deploy a security policy. An organization should analyze its compliance requirements and IT assets and develop a security policy that balances security and productivity.
  3. Audit AD. Monitor AD computers and users to identify and address security threats.
  4. Document AD. Documenting AD configurations, settings and similar information will help an organization keep track of its AD security efforts.
  5. Keep software up to date. Upgrade legacy applications and systems to improve AD security.
  6. Have precautions in place. Use precautionary measures like isolating critical servers and ensuring critical servers are accessible only from select computers.
  7. Perform regular clean-ups. Remove inactive AD accounts regularly.
  8. Implement advanced password protection. Require passwords that include at least 20 characters and a combination of words, numbers and symbols.
  9. Leverage professional tools. Auditing, clean-up and other professional tools are available to help organizations streamline their AD security efforts.

AD mismanagement unknowingly exposes 90 percent of enterprises to security breaches, according to a recent Skyport security assessment.

However, organizations that understand AD security can reduce the risk of cyberattacks from outside hackers and insider threats, Skyport stated.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.