News

Active Directory Use Profiled in Study

IT pros mostly manage their Active Directory groups manually, according to an industry-sponsored study published late last month.

The study, conducted by Osterman Research in April for Livermore, Calif.-based Imanami, found that nearly 59 percent of participants manually maintained groups using Active Directory (AD). Another 33 percent said that they used a mix of manual and automated methods. Just eight percent used a purely automated system.

Osterman Research received surveys from 155 participants in organizations managing a mean of 750 e-mail users each. Survey participants either had to be AD users or knowledgeable about using AD in their organization.

AD is used as part of Windows to set up network permissions for users, such as granting access to folders and files. One of the points of the survey was to determine how "painful" it was to accomplish such tasks. Most respondents felt that updating groups in AD was "not too painful" (47 percent). Other responses to that question included "somewhat painful" (27 percent), "not painful at all" (16 percent) and "painful or very painful" (10 percent).

The pain points were indistinguishable between those manually updating AD groups and those using automated processes. "This tells us that current, automated methods of updating groups on AD do relatively little to alleviate the pain of group updates," the study concluded.

The study estimated that it was taking an IT administrator about 8.3 mean person-hours per 1,000 users to manage groups using AD. At a salary of $80,000 annually for an IT administrator, the cost for such AD support is about $16,600 per year. Imanami's interest in such details is that the company provides an automated identity management system for use with AD. Imanami is a Microsoft Gold Partner that specializes in group lifecycle management products supporting both AD and Microsoft Exchange.

Most organizations are using AD groups to grant access to folders and files (93 percent), systems (78 percent), group-level Group Policy Objects (73 percent) and sending e-mail to groups (66 percent). In addition, 56 percent of respondents said that they use AD groups to grant SharePoint access. Imanami sees this later finding as a reason for organizations to better enable real-time AD updates.

"As the amount of corporate content migrates to SharePoint, and as the consequences for data breaches become more severe, keeping groups updated in AD in a near real-time manner becomes crucial," said Robert Haaverson, Imanami's CEO, in a released statement.

The study is called "Survey Results for Imanami" by Osterman Research. Imanami describes the study's results in greater detail here.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Malwarebytes Affirms Other APT Attack Methods Used Besides 'Solorigate'

    Security solutions company Malwarebytes affirmed on Monday that alternative methods besides tainted SolarWinds Orion software were used in the recent "Solorigate" advanced persistent threat (APT) attacks.

  • How To Fix the Hyper-V Read Only Disk Problem

    DOS might seem like a relic now, but sometimes it's the only way to fix a problem that Windows seems ill-equipped to deal with -- like this one.

  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

comments powered by Disqus