Kmaupdates

Keeping ‘the keys to the kingdom’ secure: The critical need to safeguard your enterprise’s Active Directory

Views: 0

It is a given that most large enterprises use Active Directory – an on-premises directory service owned by Microsoft – to handle users, applications, data and various other aspects of their network. However, managing and securing Active Directory is extremely complex, particularly at scale within an enterprise, and presents IT security managers with the challenge of keeping threat actors at bay[1].

A breach of Active Directory through a ‘Golden Ticket’ attack means threat actors are granted almost unlimited access to an organisation’s domain – devices, files, domain controllers and more – by accessing user data stored there[2].

Stefan van de Giessen, Country Manager: SA and SADC at Exclusive Networks Africa, a global trusted cybersecurity specialist for digital infrastructure, explains: “Active Directory is a foundational piece of technology infrastructure for many organisations, but it can also present a serious liability in that it is an easier target for today’s cybercriminals.”

Managing Active Directory at enterprise level

IT managers are aware that, once an attacker gains a foothold in an organisation, they then require access to a privileged user account as the next step. The purpose of Active Directory is to enable IT departments to create and manage user accounts and control access to resources on corporate networks. With it, administrators can create and enforce security policies for the network.

Threat actors will therefore target users with high-level privileges to gain access to the information they are looking for. With access to these high-level privileges, an attacker can create dormant accounts, giving them backdoor access so that even if they are discovered they can return to the environment unnoticed – even being able to erase their forensic footprints as they move through an organisation’s network[3].

In addition to revealing user-level exposures, says Van de Giessen, Active Directory protection also extends to uncovering domain-level exposures as well as understanding device-level attack paths[4].

He adds: “It is extremely challenging to manage Active Directory securely within an enterprise, and requires significant expertise and ongoing attention, as well as the right tools. Fortunately, IT security teams are able to fight back with solutions to secure Active Directory environments, and thereby disrupt one of the common attack paths in both advanced persistent threats as well as ‘everyday’ breaches.

“Exclusive Networks Africa’s partnership network allows us to provide more than one solution to secure Active Directory environments and thereby assist organisations to disrupt the attack path. This holds true for both advanced persistent threats as well as more opportunistic breach attempts.

“We empower organisations to prevent attackers from gaining access to their Active Directory and Azure AD ‘crown jewels’, both on-premises and in the cloud, and identify attempts to expand access, establish persistence and move laterally,” Van de Giessen continues.

“Together with our vendor partners, Exclusive Networks Africa is able to offer Software-as-a-Service (SaaS) solutions with on-premises deployment options – allowing IT managers greater control over their data, as it is stored locally, and reducing concerns over sensitive data.”

Powerful partnerships to safeguard your Active Directory

Exclusive Networks Africa offers multiple consumption choices, with an omni-channel presence that includes options to buy – the traditional procurement method – as well as finance and leasing services, managed services, Infrastructure-as-a Service and finally customer experience on demand. Additionally, the company is on a quest to transform channel consumption by offering ‘everything as a service’, harnessing innovation and disruption to deliver partner value.

Van de Giessen notes that, as a value-added distributor, Exclusive Networks Africa prides itself on its partnerships with world-leading security companies that offer innovative, ground-breaking and disruptive solutions: “We have significant global resources at our disposal, backed by local expertise and experience, while our global reach and in-depth knowledge facilitate a lower cost to purchase, painless migrations and seamless project coordination.

“With regards to Active Directory protection, our partnerships allow security and IT professionals to see everything in the organisation’s complex Active Directory environment and find and fix weaknesses before attackers can exploit them, while also allowing incident responders to detect and respond to attacks as they’re happening.

“Keeping on top of the security of Active Directory is crucially important for businesses because the service ‘holds the keys to the kingdom’ by providing access to systems, applications and resources. An attacker’s ability to invade an organisation’s identity infrastructure is central to how secure your company actually is. Businesses must be aware of vulnerabilities and take steps to strengthen their Active Directory security, to keep their networks safe from cyberattacks,” he concludes.

For more information, please visit https://www.exclusive-networks.com/za/ or call +27 (0) 11 280 8400.

(Words: 780)

 

About Exclusive Networks

Exclusive Networks (Euronext Paris: EXN) is a global cybersecurity specialist that provides partners and end-customers with a unique combination of services and product portfolios via proven routes to market, leveraging the technical know-how of our teams. With offices in over 45 countries and the ability to serve customers in over 170 countries, we combine a local perspective with the scale and delivery of a single global organisation. Our best-in-class vendor portfolio is carefully curated with all leading industry players. Our services range from managed security to specialist technical accreditation and training, while capitalising on rapidly evolving technologies and changing business models. At Exclusive Networks, we believe that everyone has the right to live in a safer digital world based on the most innovative technology. For more information, visit www.exclusive-networks.com

Exclusive Networks is listed on the Euronext Paris stock exchange (Ticker: EXN).

For more information visit www.exclusive-networks.com.

 

 

Contacts:

Exclusive Networks Africa

David Wilson

+27 (0) 11 280 8400

Dwilson@exclusive-networks.co.za

 

 

 

[1] https://www.tenable.com/blog/disrupting-the-pervasive-attacks-against-active-directory-and-identities

[2] https://www.tenable.com/blog/disrupting-the-pervasive-attacks-against-active-directory-and-identities

[3] https://www.tenable.com/blog/disrupting-the-pervasive-attacks-against-active-directory-and-identities

 

[4] https://www.sentinelone.com/platform/singularity-ranger-ad/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top