The world is different from five years ago. After the successful SolarWinds attack in 2020, where attackers gained access to Microsoft’s systems, Microsoft aligned itself with NIST’s approach towards a zero-trust architecture. This changes everything.
In contrast to previous security models, in Microsoft’s defense-in-depth approach Identity and Access is the first layer of defense. It needs to be top-notch.
This changes the way admins do identity management above all. Back in the era of MCSE, admins were taught that Identity and Access Management (IAM) consists of three A’s (Authentication, Authorization and Accounting), but within the Zero Trust security model, a fourth A becomes apparent: Administration.
About Zero Trust
Zero Trust can best be described as the approach to achieving an IT environment where all access is governed by explicit verification and the lack of implicit trust. It’s based on three pillars:
- Verify explicitly
- Use least privilege access
- Assume breach
Microsoft Tools and Solutions
While Microsoft is keen to provide tools to achieve the goals in these pillars, the licensing requirements for these solutions are hefty.
Solutions like Defender for Identity (previously known as Azure Advanced Threat Protection and Advanced Threat Analytics) and Azure AD Connect Health offer monitoring and reporting capabilities in the last Zero Trust pillar (Assume breach), but do little to provide insights into what’s actually happening in Active Directory on-premises.
Their cloud-based models also present challenges for some organizations, as they need to share responsibilities with Microsoft on processing intimate data: their sign-in behavior.
ENow Software Tools and Solutions
This is where ENow Software comes in. ENow Software's award-winning Active Directory monitoring and reporting solution, known as COMPASS, helps keep Active Directory safe. COMPASS offers two distinct capabilities:
- Proactive monitoring
- Real-time reporting
COMPASS monitors all critical components of Active Directory from a single pane of glass. Its synthetic transactions actively probe for faults and failures across all critical Active Directory components: domain controllers, replication, DNS, and more. It’s like having an automated health check running all the time, alerting you to things that may need to be adjusted.
Its dark-mode web-based monitoring interface makes it ideal for OLED-based displays in SOCs and for other big-screen monitoring purposes. Its delegation model can be used to show a subset of monitoring results on displays towards more business-oriented admins.
The web-based interface can also be used on admin devices, where the intuitive drill-down interface makes for fast root cause analyses of any availability challenges.
COMPASS’s advanced reporting provides both real-time data and historical trends. This enables admins to accurately forecast necessary resources to meet growing demands and determine if service levels are being met. ENow Software’s solution provides a wide variety of Active Directory reports that are customizable to meet your organization's objectives and offer the same delegation granularity as in COMPASS’s monitoring.
If your organization has compliance requirements like SOX, HIPAA, PCI DSS, and others, these reports will make your life easier.
Your Zero Trust journey
On your Zero Trust journey, your Azure AD’s multi-factor authentication, Conditional Access, Identity Protection, Continuous Access Evaluation, Privileged Identity Management and Identity Governance features ultimately will be front and center.
However, your Active Directory environment will also remain with you for the foreseeable future, and admins should not forget to manage it well, as part of the fourth A (Administration).
ENow Software’s COMPASS helps admins address this challenge. Its monitoring features allow admins to paint the complete picture of their Active Directory’s health. The reports provide insights into usage and potential misconfigurations like an overcrowded Domain Admins group, stale users and computer objects that have never been used.
This way, at the basis of every Hybrid Identity implementation and fundamentally as an asset – not a liability – on your organization’s Zero Trust journey, Active Directory’s health is explicitly verified, its privileged access is managed and breaches are nipped in the bud.
– Did you just say Hybrid Identity?
ENow Software also provides solutions for monitoring AD FS and Azure AD Connect, when you want your organization’s entire Hybrid Identity stack monitored… but let’s discuss those capabilities another time.