dcsimg

Securing AD for Hybrid Cloud Environments

  • Securing AD for Hybrid Cloud Environments

    Securing AD for Hybrid Cloud Environments-

    Automate Remediation

    Step 3: Automate remediation

    To create a self-healing environment that does not require human intervention, administrators must automate remediation of unauthorized security changes to help them stick to assessment baselines. To do this, they should preset remediation in multiple ways, including creating a whitelist of users allowed to make changes, reverting unsanctioned changes to AD objects, detecting inactive accounts and moving them to a disabled user container, and deleting them if they remain inactive for several days.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8

Securing AD for Hybrid Cloud Environments

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
  • Securing AD for Hybrid Cloud Environments-4

    Automate Remediation

    Step 3: Automate remediation

    To create a self-healing environment that does not require human intervention, administrators must automate remediation of unauthorized security changes to help them stick to assessment baselines. To do this, they should preset remediation in multiple ways, including creating a whitelist of users allowed to make changes, reverting unsanctioned changes to AD objects, detecting inactive accounts and moving them to a disabled user container, and deleting them if they remain inactive for several days.

Adoption of cloud services has undeniably soared, with Microsoft calling Office 365 its fastest growing commercial product ever, and more than 70 percent of Fortune 500 companies now using at least two different Microsoft cloud services. However, while organizations are actively deploying more cloud applications, they are also keeping on-premises solutions, creating a hybrid environment of both on-premises and cloud-based applications.

To manage employee authentication, identity management and access control policies across hybrid environments, companies often leverage the Azure Active Directory (AD) Connect management tool, which performs a one-way sync from on-premises AD to the online Azure AD. The problem is that on-premises AD does not include the same types of security controls that the cloud-based version does, leaving a big hole in an organization's security program that exposes the business to risk.

In this slideshow, Alvaro Vitta, principal solutions consultant specializing in security at Quest Systems and Information Management, recommends six steps for organizations to strengthen their hybrid directory environment to ensure successful hybrid cloud environment performance.