Active Directory Security

Assessing Your Active Directory: Group Related Risks

About the Webinar

Groups are the fundamental way we manage access, both inside Active Directory, where they control privileged access and the readability of directory information, and outside AD, throughout the rest of your network, where they govern both end-user access to information and applications and privileged access to systems relying on AD.

But groups in your on-prem AD have ramifications even up in the cloud if, like most organizations, you synchronize groups up to Entra via Microsoft Entra Connect Sync (formerly known as Azure AD Connect). A given group created on your AD domain controller might grant a user access to an on-prem file server, a VPN gateway, a SQL database, Dynamics CRM in the cloud, a SharePoint site in Office 365, and virtual machines and storage accounts in Azure.

And of course, with federation and OpenID Connect, that same group could grant members access to other non-Microsoft cloud apps like Workday and ServiceNow, and the list goes on and on.

So groups deserve close scrutiny, and in this real-training for free session I will help you find group-related risks before auditors, red teams or regulators do.

Groups are a simple concept. Put related users in a group and then give that group access to a resource. When a new user needs the same kind of access, put them in the group. When a user’s role changes, remove them from the appropriate groups. But groups quickly get out of hand.

The biggest issues that contribute to group-based risks include:

  • There’s no direct way to see all the entitlements a group has across your hybrid on-prem and multi-cloud environment
  • You frequently find multiple groups with nearly the same name and many of the same users – but not quite
  • Ownership of groups and criteria for membership are frequently unclear, and therefore groups are allowed to grow stale; members are added but never removed
  • Group nesting is powerful and has legitimate uses, but it can quickly get out of control, leading to shocking and unintended results

Groups were always a copious source of findings in my AD security practice, where I audited a range of AD implementations and taught regulators like the FDIC and the four large accounting firms how to assess Active Directory. In this session I’ll share what I learned and help you clean up your existing groups and implement conventions and controls to keep groups secure going forward.

Netwrix is my sponsor for this real-training for free session, and with their Netwrix Auditor solution they are the perfect fit. Jennifer Taufan will show you how to:

  • Report on effective group membership in Active Directory and Entra ID
  • Understand where groups are granting access to your data sources such as file servers and SharePoint
  • Monitor and alert on group membership changes

Speakers

Randy Franklin Smith, CEO, Monterey Technology Group, Inc.

Jennifer Taufan, Solutions Engineer