Link directory

Active Directory is an active vulnerability

Many organizations that use Active Directory (AD) fail to strengthen their security postures

Microsoft AD has been around for nearly a quarter of a century, and while many organizations across industries use it, few have adapted to the demand for stronger security postures.

Despite the fact that approximately 90% of Global Fortune 1000 companies use AD, only a quarter of them consider security a top priority for their organization. But malware breaches and attacks are happening with increasing frequency, in part because cybercriminals have identified it as a common target: AD is used by businesses, healthcare organizations, educational institutions, small businesses – pretty much everyone.

And so the risk of cyber attack is enormous.

Organizations with a) a large database of PII and b) legacy networks in place are particularly attractive targets for threat actors, due to the potential double ease of attack and significant gains. Unfortunately, this makes healthcare institutions, financial institutions and government establishments particularly attractive. However, these companies often have two characteristics:

  • Legacy applications and complex environments
  • Lack of internal AD expertise

Furthermore, the demand on IT teams within many organizations is already significant and, as other research has shown, the cybersecurity budget has not increased, despite the obvious need for additional resources.

What can organizations do to strengthen security within AD?

These days, regardless of industry or company size, it’s critical that your cyber defenses work better than the automatic settings that come with AD. For both the financial industry and healthcare organizations of all kinds, there are specific risks and risk management strategies.

Organizations must first realize that AD is a target and that built-in security systems are not enough to protect a company’s network. The origin of many breaches and ransomware attacks is simpler: many attacks, some as well-known and devastating as the Colonial Pipeline breach, came down to a single compromised identifier.

Poor password hygiene (for example, sharing passwords and reusing passwords between accounts) is one way for IT admins to improve AD security, but the primary solution is to find the information credentials compromised at the time of creation and on an ongoing basis.

If cracked passwords were not even allowed to enter an organization’s system, it would dramatically increase the proverbial “Security Grade” of the company.

Here’s how to improve your security posture today.

The post Active Directory is an active vulnerability appeared first on Enzoic.

*** This is a blog syndicated by Enzoic’s Security Bloggers Network written by Enzoic. Read the original post at: https://www.enzoic.com/active-directory-is-an-active-vulnerability/