Active Directory Review
Active Directory Review Information
An organization’s Directory Services provide the literal “keys to the kingdom,” and as such, any directory vulnerabilities can instantly denigrate the security of the entire organization, as once sufficient privilege is acquired, a malicious user can control access to every information and IT asset protected by the directory.
Key activities include:
- Conducting a design and/or compliance review of those directory attributes deemed essential to the ongoing achievement of critical security objectives:
- Enterprise Design Review;
- Security Configuration Review;
- Content Security Review;
- Administrative Model Review; and,
- Management Practices, Procedures and Policies.
- Formal reporting on the process, gap analysis, relevant findings, and mitigation roadmap. Where possible the report will also include: root cause analysis, peer-group benchmarking, good practice benchmarking, executive summaries, and technical summaries.
The predominant benefits realized by an Active Directory Review are:
- Provides assurance that the Directory controls are in place, aligned with prevailing good practice, and operating as intended; and,
- Provides a measure of assurance that those external systems that are reliant upon the Directory are secure in accordance with their expectation.
Active Directory Review: Best Used
- As part of a compliance management program as a means to demonstrate compliance with relevant laws and regulations over an extended period of time; and,
- As a compensating control where Separation of Duties is not practical or possible.