Posts

Security and Flexibility in the corporate IT environment

IT managers have a tough job ahead of them. Having to keep the company’s workstations and servers secure and at the same time providing a flexible work (technology) environment that will handle exceptions as they come up.  It’s a tall order. The first instinct is to make the workstation so secure that it’s unusable. On the same token, a workstation that’s too flexible is more likely to pose a huge security risk.
A good IT manager can achieve a balance. In the enterprise the policies are usually created in a ‘top-down’ fashion, which basically means that the corporate standards can impose strict protocols. There are many reasons for having these protocols and standards:
– Reduced cost for deployment: standardizing means less work for IT
– Reduced troubleshooting time: IT staff has an easier time figuring out what’s wrong
– Best practices and optimization
Unfortunatelly you can’t have one standard that fits all cases. Additionally, even though corporate sets the standards, those policies are not always followed or implemented uniformly. Some of the reasons for non-compliance are:
– The need for autonomy: shrinking budgets resulting in limited support
– Different demands for flexibility within different departments
– Lack of understanding of corporate protocols
Many IT managers buy into the idea of implementing expensive tools to solve these problems not realizing that an excellent way of establishing control is through Microsoft’s Group Policy that is built into Active Directory. To fully configure the Group Policies that will fulfill both the IT and business requirements, IT managers need third party applications like the Active Directory Manager. The Active Directory Manager makes Group Policy Management a snap by simplifying the process, and ensuring the flexibility and granularity needed.
Ultimatelly, implementing a cost-effective application like the Active Directory Manager will drive efficiency, decrease downtime and ensure compliance with corporate policies and protocols.

Quick note about Group Policies – Server 2003 vs. Server 2008

A major issue in Server 2003 implementations of Group Policies is the huge amount of space they take up. For each Policy, there’s a corresponding .ADM file. The .ADM file supports only the English language, and it’s also 3.5MB in size. Not much right? When you consider that for each policy you have, there’s a new .ADM file and another 3.5MB, you can see how this can get out of control. For example, let’s say you have 200 policies– that’s 700MB of extra data that you have to back up. Even if you only have 100 policies, that’s still 350MB.
Server 2008 offers a new way of dealing with this issue. In Server 2008 you can use ADMX files, which are based on XML- more lightweight by comparison. With the new ADML files, you now also have multiple language support.
The Active Directory solutions we provide will help with your Group Policies management. Contact us for more information.