Posts

Identity and access management policies

In many cases, adding personnel accounts and application is tedious, and involves inputting information about a new hire by hand, which could take days in some instances. Even then, some users may not have access to the applications they need, and often will have to log in using a colleague’s name and password while access was requested, cleared and granted. This is a huge security black hole for the enterprise. Implementing identity and access management software is a security process improvement that is essential in today’s corporate environment.
Identity and access management can also play a role in compliance issues. Using the native tools, all the audits involve the manual process of finding out who had access to what? Who authorized that access? When was it authorized? When was the last time they reset their password? Using an identity and access management application like the Active Directory Manager or the Active Directory Reporter will vastly improve and automate your audit process.
You may think a departed employee is gone forever, but if your organization doesn’t have a comprehensive identity and access management plan, you may be in trouble. Disabling user accounts during the employee termination process is a gaping flaw in most companies. Weeks, months and even years after an employee has left you can still see their names and personal information floating around. Compounding this security breach is the fact that in some cases, former employees’ accounts are still active. This access crisis can also happen when an employee changes jobs within the same company, but retains access to applications and information that isn’t appropriate for their new job anymore. If an identity and access management policy is too lax, it can create data loss and security breaches, and if the policy is too strict, employees who need access will simply find a way around it and defy the set policy.
If you’d like to talk more about the identity and access management policies in place at your company, please contact us directly.

IT Optimization

In the enterprise environment, having an effective Windows environment requires a large technology investment and employing the help of skilled engineers and technicians. Maintaining a robust, reliable and performing infrastructure takes analysis and planning. Leading publications surveying IT executives revealed common trends and priorities for CIOs and other IT executives. Top among them were: aligning IT with business needs and priorities, accuracy of information to comply with government regulations such as Sarbanes-Oxley, network security, measuring the value of IT investments, and IT governance. Needing to remain competitive, manage costs and improve IT efficiency, they continue to invest in new ways to manage the infrastructure. To be effective, their investments have to take the complexity out of Systems Management and enhance organizational flexibility.
When adopting new solutions, two issues that IT executives must address are improving operating efficiencies/cost reduction, and increasing the speed and flexibility of business. Thus, their IT organization adds value to the enterprise and is not just a cost center. According to Forrester, improving the efficiency of IT operations is a priority for 61% of SMBs. Looking at the larger picture, some of the drivers dictating IT spend priorities are: increasing efficiencies, reducing resource consumption, ensuring a quick integration/ implementation process, reducing the cost of maintaining the infrastructure and accelerate results that correlate to existing business needs. Among the highest priority are several IT Optimization initiatives such as standardizing processes, introducing new applications into existing IT infrastructure, and improving utilization of hardware and software.
CionSystems plays an important role in helping IT executives and their organizations tackle some of the issues discussed above. We designed flexible solutions that allow IT departments to maintain control of their networks while removing the burden of repetitive tasks and chasing errors. Our solutions free the IT resources that can be in turn better utilized supporting core business functions. The products are intuitive, user friendly, and easy to implement because they don’t require any specialized training. Our Active Directory Manager offers real-world help to reduce the complexity of the native directory tools and give users access to their resources anytime, from anywhere. With it, users will immediately improve the efficiency and eliminate the time spent chasing errors, searching through logs. The Active Directory Reporter provides help with regulatory compliance by offering a large library of preset reports, which can be customized to specific requirements. Improving operational efficiency and reducing the IT infrastructure maintenance costs means knowing when changes occur and what those changes are. Our Active Directory Change Notifier and System Information & Comparison products are ideally suited for that process.
CionSystems technology simplifies the Windows Server environment, so the IT Optimization is fast and easy, and the resulting solutions are inherently scalable.

AD management- working smart, not hard

For most people, managing the enterprise Active Directory may seem like an easy task. Why invest in, and use advanced tools to manage something that at first glance can manage itself? After all, a company doesn’t hire people and doesn’t add new resources everyday. Changing account settings seems easy, and controlling your IT infrastructure by creating group policies only has to happen once in a while, right? Most IT administrators would recognize these statements as being insufficient for their business, yet because of all the complexities and required scripting the same administrators have adopted a “live and let live” approach when dealing with the Active Directory.
When’s the last time you needed to search through its logs to determine who deleted what file? How long have you spent on restoring an AD object because someone accidentally deleted it? And even worse- how many hours or days have you spent figuring our just what report would satisfy your regulatory compliance and auditors? Most IT administrators agree that getting “centralized”, and having granular permissions management in a Windows environment can be difficult, if not impossible. Windows provides limited tools and even more limited documentation for managing the directory service. It also does not support the multi-layered permissions administration needed to satisfy modern business needs.
Due to the inherent complexities most administrators prefer to set the Group Permissions and add subsequent users to the group, giving them access to those resources. This simplistic approach is implemented because once they spend the time to set up the thousands of files, folders, AD objects and more, they can close the project and move on. In reality, keeping this updated takes a lot of time, and because of it, in most cases it gets overlooked. As a result this approach leads to an inflexible strategy. Consider this scenario: looking at a department, you set the group and give all the permissions needed to ensure they can do their job. Later, when a new product or feature is launched, you will need to split that department into 2 different groups. Wouldn’t you want a solution that allows you to do that right away and saves you the many hours needed to complete this project if you use only the native tools?
Windows alone can’t satisfy the all the modern business needs, and using a third party software is a must. Here at CionSystems we created solutions that extend the native functionality and give IT managers an easy way of dealing with the complexities inherent in Active Directory without the need for scripting. Our goal is to solve issues and scenarios such as the ones above and make Active Directory management a snap.
Furthermore, when considering all the business requirements- Reporting, Enforcement, Auditing and Analysis just to name a few- the need for implementing a complete solution such as the Active Directory Manager is obvious. With it, tasks such as managing users with their passwords and personal information; consistency in provisioning centralized configurations; troubleshooting and finding root causes to problems; canceling accounts; ensuring compliance and more, are made easy and straightforward. Starting with the easy to use and fully customizable Dashboard, administrators are able to delegate tasks through the IT organization. The Dashboard gives a central point where users can access and customize Reports, manage OUs, set Group Policies, manage users, perform quick Search and Replace functions and even manage settings for MS Exchange.
Analyzing the needs of each customer, we maximize their IT investment. We build decades of experience into every solution we design, giving our customers the tools needed to securely manage the health of their infrastructure with confidence.