Technology & Tools

New Freeware Exposes Active Directory Permissions

IT auditing software provider Netwrix released a free tool to help security teams reduce risk of inside jobs by reporting permissions in Active Directory and file shares.

Netwrix today released freeware that lets IT security administrators discover who has access to what in Active Directory and file shares. The move comes as a growing number of security breaches are a result of inside jobs by current and former employees.

Citing the PWC 2015 global State of Information Survey, Netwrix noted that one third of organizations said inside jobs do more damage than incidents coming from the outside. Moreover, Netwrix pointed to last year's Verizon Data Breach Report, which found that 8 percent of data breaches come from insiders or misuse and 88 percent of those breaches are the result of those who abuse permissions.

Netwrix and others point out these incidents can be prevented by seeing who has permissions -- especially an excessive amount of access to systems. The new free Netwrix Effective Permissions Reporting Tool scans Active Directory domains and file shares to discover the inordinate number of permissions or malicious activities and generates reports that can be used for either internal or outside compliance audits, the company said.

The company is promising the tool will remain free and like all software providers who issue freeware, Netwrix is hoping some will upgrade to its more robust Netwrix Auditor change and configuration auditing suite. "Strengthening IT security is a question of both trust and control," said Netwrix Founder and CEO Michael Fimin, in a statement. "Insiders are very hard to detect, which is why they are a nightmare for any organization."

Netwrix Effective Permissions Reporting lets security administrators investigate a user or group to ensure they have appropriate permissions, according to the company. The tool is available for download.

About the Author

Jeffrey Schwartz is editor of Redmond magazine and also covers cloud computing for Virtualization Review's Cloud Report. In addition, he writes the Channeling the Cloud column for Redmond Channel Partner. Follow him on Twitter @JeffreySchwartz.

Featured

  • Office 365 Attack Simulator Now Supports Attachments

    The Attack Simulator in Office 365 tool has been updated and now has the ability to include message attachments in targeted campaigns, according to a Friday Microsoft announcement.

  • How To Disable Touch Input in Windows 10

    When the touchscreen on your Windows 10 laptop goes bad, there's no reason to throw that baby out with the bath water.

  • Microsoft Previews Windows VM Authentications via Azure Active Directory

    Microsoft on Thursday announced a preview of remote authentications into Windows-based Azure virtual machines (VMs) using Azure AD credentials.

  • Windows Server 20H1 Getting Smaller Containers and Faster PowerShell

    Microsoft is promising to deliver a smaller container size and improved PowerShell performance with its next release of Windows Server.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.