Active Directory (AD) is Microsoft's directory server — the software that ties servers, workstations, network components, and users into a unified whole. Keeping it secure and well-maintained is key to stopping attackers' lateral movement and credential theft...and yet, AD management and security are struggles for many organizations.
With AD possibly sitting within any and every segment of the network, both users and hardware alike, what are the best practices for making sure that it doesn't become an attack surface on which threat actors can play?
(image source: lucadp, via Adobe Stock)
While some have said that Active Directory is dead, it remains a powerful part of most enterprise networks even while the move to the cloud, services, and serverless applications has continued. Part of the Windows Server software suite, AD is nearly ubiquitous in on-premises network deployments and expanding into cloud deployments through integration with Microsoft Azure, Google Cloud, Amazon AWS, and other public cloud instances. Though AD's use may well have peaked, it is far from an enterprise relic.
So what key practices will keep this not-relic from becoming a not-secure part of your network? While books could be (and active directory security neglected
