Sponsor: One Identity

Active Directory Domain Services (AD DS) administration and management includes 12 major tasks. These tasks cover a wide breadth of business needs and are not all performed solely by AD DS administrators. In fact, administrators can and should delegate several tasks to other members of their technical community, technicians, help desk personnel, even users such as team managers and administrative assistants. While delegation is a way to reduce the amount of work administrators have to do when managing AD DS infrastructures, it really only addresses one or two of the 12 tasks, for example, user and group administration as well as end point device administration. The other ten tasks can be staggering in nature — security, networked service administration, OU-Specific Management, Group Policy Object management and many more — and because of this can take up inordinate amounts of time,

Active Directory is everywhere and Azure Active Directory (AAD), its cloud-based cousin, is quickly gaining ground. Currently, nearly ninety percent of organizations worldwide are using Active Directory (AD) for on-premises resources (aka on-prem). That represents 500 million organizations and somewhere around 10 billion daily authentications. In fact, in the world of identity and access management (IAM), AD has become unavoidable and absolutely necessary for on-prem user authentication and authorization. You have to go through AD. It’s just how it’s done. Now, mix in the cloud – and Azure AD– and your management complexity just skyrocketed – and you could be in for a world of pain, if your on-prem or cloud identity environments are not managed and synced properly.

Active Directory (AD) is the foundation of identity and access management (IAM) at most organizations and, as such, is probably the most crucial technology on the network. More and more systems and applications depend on AD and Azure Active Directory (AAD) for authentication, policy, entitlements, and configuration management. If AD is insecure, everything is insecure.

SAP is critical to many organizations’ operations and success, and IAM is essential for EVERY organization’s success. You would think that it’s a compatible match, right? It turns out that navigating the relationship between the two sides can be tumultuous.

The identity and access management (IAM) team is on the front lines of security but are not SAP experts and do not know the intricacies of the popular enterprise software’s modules and their use. Then there’s the SAP teams, who support and enable business operations, as well as drive the user experience, who rarely claim to be experts in IAM. They know to not overstep their bounds when it comes to enterprise initiatives tied to IAM.

Identity and Access Management (IAM) is moving beyond IT security and compliance to become a valuable enabler that drives business performance, digital transformation and competitive advantage. But planning and deploying IAM is not without its challenges.

Read on to learn more...

When IT professionals talk about identity and access management (IAM), governance now dominates the conversation.

In years past when we talked about IAM, the hot topics were provisioning, single sign-on and role-based access control. But we must have gotten bored with those stale topics and needed something new to focus on.

Identity and access management (IAM) isn’t something you do once and then forget about. It’s an ongoing process, a critical part of your infrastructure that demands continuous management. Even if you have a fully implemented directory, it’s never too late to take advantage of best practices to help continuously manage this crucial part of your environment.

In an ideal world, we’d have the budget and time we need to get things done. And tomorrow would be predictable. But that’s simply not the case, especially in the IT universe.

As you well know, the world of identity and access management (IAM) is one of constant change, shrinking deadlines, minuscule budgets, overtaxed staff and unmerciful regulations. Unfortunately, the approach most organizations take to IAM involves piecing together ‘half solutions,’ in the hope that tomorrow’s solutions will address real-world needs.

Active Directory is everywhere and Azure Active Directory (AAD), its cloud-based cousin, is quickly gaining ground. Currently, nearly ninety percent of organizations worldwide are using Active Directory (AD) for on-premises resources (aka on-prem). That represents 500 million organizations and somewhere around 10 billion daily authentications. In fact, in the world of identity and access management (IAM), AD has become unavoidable and absolutely necessary for on-prem user authentication and authorization. You have to go through AD. It’s just how it’s done. Now, mix in the cloud – and Azure AD– and your management complexity just skyrocketed – and you could be in for a world of pain, if your on-prem or cloud identity environments are not managed and synced properly.

Active Directory Domain Services (AD DS) administration and management includes 12 major tasks. These tasks cover a wide breadth of business needs and are not all performed solely by AD DS administrators. In fact, administrators can and should delegate several tasks to other members of their technical community, technicians, help desk personnel, even users such as team managers and administrative assistants. While delegation is a way to reduce the amount of work administrators have to do when managing AD DS infrastructures, it really only addresses one or two of the 12 tasks, for example, user and group administration as well as end point device administration. The other ten tasks can be staggering in nature — security, networked service administration, OU-Specific Management, Group Policy Object management and many more — and because of this can take up inordinate amounts of time,

To protect refugees, employees and supply transports—plus minimise costs—the Danish Refugee Council (DRC) wanted to standardise the management of Active Directory. After evaluating solution options, DRC deployed One Identity Active Roles. As a result, DRC established user templates and automated workflows for governing access for 7,000 global employees. Today, DRC can provision new users in an hour. IT staff have greater control over who can access which applications and data. And the organisation has increased staff efficiency, boosted savings and simplified regulatory compliance.

Active Directory (AD) is the foundation of identity and access management (IAM) at most organizations and, as such, is probably the most crucial technology on the network. More and more systems and applications depend on AD and Azure Active Directory (AAD) for authentication, policy, entitlements, and configuration management. If AD is insecure, everything is insecure.

Most organizations implement technology to do things better, deliver higher value, fulfill their mission and become more agile. After all, technology should make things easier. But often it seems that many IT initiatives slow operations and hamstring agility.

For some it’s all about streamlining the user experience through technologies and practices that make it easier for them to securely logon. For others, IAM is all about identity lifecycle management – ensuring that accounts are set up, modified, and retired in a timely, accurate, and secure manner, and still for others it’s focused on security and compliance through technologies and practices that make governance activities such as attestations easy and complete, or adding a layer of control and visibility to privileged accounts and “superuser” access.

When IT professionals talk about identity and access management (IAM), governance now dominates the conversation.

In years past when we talked about IAM, the hot topics were provisioning, single sign-on and role-based access control. But we must have gotten bored with those stale topics and needed something new to focus on.