Category: Active Directory

Insights From Thought Leaders Around The Globe

The digital identities of modern enterprises exist in a dynamic environment. Read thought leadership from experts worldwide regarding the constantly changing global IT environment and insights for keeping up with growing demands, and securing against escalating threats and vulnerabilities.

How To Prepare For Cyberwar: It Starts With Identity

Cyberattacks are rapidly evolving in sophistication and scale. The line between the digital and the physical realm has become more blurred. Foreign cyberattackers have used destructive malware to erase data from hard drives and made moves to infiltrate industrial systems. They could make equally damaging moves in the future, given recent political events and verbal threats. Anyone in … Read More

Hypervisor DC Snapshots Are No Substitute for Proper Active Directory Backups

Hypervisor DC Snapshots Are No Substitute for Proper Active Directory Backups

Most organizations have virtualized some or all their AD domain controllers. Virtualized DCs have their advantages, but they also introduce risks that didn’t exist with physical servers. One of these risks is the temptation to use hypervisor snapshots (a point-in-time VM image) for AD backups.   Don’t.  Let’s be clear: even though Microsoft supports hypervisor snapshot restores since Windows Server 2012 – i.e. they won’t break AD as they could in previous OS versions – they’re still not recommendedi. And they’re especially not recommended for forest disaster recovery scenarios.  … Read More

Toughen Up Your AD

Toughen Up Your AD

Request for Comments (RFC) 1823 from August 1995 introduced the Lightweight Directory Access Protocol (LDAP) Application Programming Interface (API). One could argue that this important work served as the foundation for modern identity management. And yet, surprisingly, the word identity does not appear even once in the entire RFC. (The word directory shows up fourteen times and the word access appears … Read More

Hybrid Identity Protection comes in many shapes; Meet Azure AD Connect Health

Information protection consists of three pillars: confidentiality, integrity and availability. Hybrid Identity is no different; the three pillars still apply. However, availability is hard for Azure AD Connect. As a key link in the Hybrid Identity chain, it should be the focus, but not the only focus. High availability for Azure AD Connect explained About … Read More

Retake Control of Attribute Sync to Azure AD

Keeping directory sync in sync with security best practices With Azure AD Connect, synchronizing directory data from on-premises Active Directory to Azure AD is both easy and efficient. But is it possible to have too much of a good thing? Security best practices limit sharing to a strict need-to-know basis. However, Azure AD Connect synchronizes … Read More