{"id":41737,"date":"2021-01-28T12:40:44","date_gmt":"2021-01-28T12:40:44","guid":{"rendered":"http:\/\/icloud.pe\/blog\/?guid=bb10e9d03e6bb2988dd26f8ee03f760b"},"modified":"2021-01-28T12:40:44","modified_gmt":"2021-01-28T12:40:44","slug":"a-new-age-of-asset-management","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/a-new-age-of-asset-management\/","title":{"rendered":"A new age of asset management"},"content":{"rendered":"


\n David Howell<\/a><\/span>
\n <\/span><\/p>\n

\n
\n
28 Jan, 2021<\/span><\/div>\n<\/p><\/div>\n<\/div>\n

\n<\/a><\/p>\n

\n

The COVID pandemic has changed many aspects of IT, including how businesses manage their digital assets. For many organisations, Active Directory (AD) has for many years been a workhorse that could be depended upon when most of their workforce was centrally located, however the move to mass remote working means it\u2019s vulnerable to cyberattacks. Nevertheless, it remains a critical support mechanism for each worker connected to a company\u2019s network, which leaves IT teams in a tricky situation.<\/span><\/p>\n

According to <\/span>Gartner<\/span><\/a>, over 90% of businesses and organisations use AD, and it has become one of the most valuable assets they possess. However, as the business environment AD is used to manage has become more complex and geographically dispersed, the way it\u2019s deployed in most organisations must change.<\/span><\/p>\n

Businesses have also had to re-evaluate and redraw their digital transformation roadmaps to take into consideration how their processes have changed and what this means for their more comprehensive strategic planning. And while <\/span>bring your own device (BYOD)<\/span><\/a> has long been a security issue for organisations, the upheaval the pandemic has delivered opens a new series of logistical, human resource, and security challenges, as devices \u2013 both company and employee-owned \u2013 proliferate.<\/span><\/p>\n

“Active Directory is like the spinal column of an enterprise and it must be closely protected,\u201d explains <\/span>Matt Lock, technical\u00a0director at data security firm\u00a0Varonis. \u201c<\/span>If an attacker manages to seize control of AD, they\u00a0effectively\u00a0hold the\u00a0keys to an organisation\u2019s\u00a0digital kingdom and\u00a0have\u00a0privileged access throughout the domain,\u00a0where they can\u00a0cause\u00a0serious damage.\u201d<\/span><\/p>\n

The cloud has played a critical role in enabling businesses to scale and manage digital assets using AD as the primary management hub. However, companies\u2019 current deployments are likely to become fragile and vulnerable to attack; whereas until last year IT departments had a clear sight of each asset within a business and who has what level of access privileges, this view has moved out of focus with the sudden shift to mass remote working.\u00a0<\/span><\/p>\n

What\u2019s needed is a new approach beginning with migrating AD to a cloud service. Performing this migration gives businesses a more detailed view of your asset landscape and enables higher levels of security to be deployed and maintained.<\/span><\/p>\n

AD transformation<\/span><\/h3>\n

For most organisations, asset management pre-COVID was a relatively straightforward exercise in user and device tracking. Now the working and threat perimeter has moved to the homes of their workforce, keeping track of the entire IT estate and ensuring high levels of security are maintained has become much more complex. Migrating AD to the cloud can deliver more oversight and integrated support to users who need this to secure their equipment and network connections.<\/span><\/p>\n

Dan Conrad, field strategist at One Identity, tells <\/span>IT Pro<\/span>: \u201cSince the rollout in 2000, AD has changed significantly and the impact of <\/span>Zero Trust<\/span><\/a> campaigns will change this further.\u00a0At its core, AD is an SSO (Single Sign-On) solution designed for an easy user experience by providing easy access to objects.\u00a0Active Directory and <\/span>Azure Active Directory (AAD)<\/span> have changed the game a bit by still providing the good user experience but detaching some of the vulnerabilities.\u00a0For instance, the idea of joining every corporate system to the AD is no longer necessary.\u00a0AAD and solutions such as Intune allow\u00a0management\u00a0of the systems without the vulnerability that goes with every system being \u2018trusted.\u2019\u201d\u00a0<\/span><\/p>\n

Many companies see the continued migration of AD to the cloud as the solution to the issues they face managing the array of assets their businesses use. With security front of mind, migrating an AD to a cloud platform can deliver a level of insulation from some cyberattacks.<\/span><\/p>\n

The holistic approach to managing what could be a diverse range of devices now being used across your business, requires your control and security systems to change. Businesses are increasingly creating domain-joined and BYOD\/non-domain-joined systems to give themselves the maximum flexibility with the assets their staff uses, simultaneously delivering a security infrastructure that is more resilient than a simple cloud or on-prem solution.<\/span><\/p>\n

The business of consumerisation<\/span><\/h3>\n

The threat surface all businesses now face requires a new approach to network management and device security. As early as March 2020, <\/span>IDC predicted<\/span><\/a> that within two years, over 90% of enterprises worldwide will have a hybrid cloud deployment. As the COVID-19 pandemic took hold, there has been a rush to implement this approach, with businesses being pushed to radically alter how they manage their workforces and the technologies and services they use.<\/span><\/p>\n

Rajesh Ganesan, vice president at ManageEngine, tells <\/span>IT Pro<\/span>: “A cloud-native hybrid IT infrastructure helps organisations respond to change and uncertainty better. That said, even as organisations move to a cloud-first or cloud-dominant approach, it\u2019s important that application, infrastructure, and data security are not compromised.\u201d<\/span><\/p>\n

Alastair Pooley, CIO of Snow Software, adds: \u201c<\/span>As we switch to more <\/span>SaaS<\/span><\/a> applications, you either need to use Azure Active Directory (along with the relevant licenses) or something like Okta to provide that single sign on experience to your staff. Either approach allows you to maintain a corporate directory to control access to resources. It is worth noting that you should re-examine your endpoint security, as traditional group policy (GPO) doesn\u2019t deliver for remote workers. Microsoft\u2019s Defender ATP coupled with Intune is a powerful combination but again you need new licenses to deliver that.\u201d<\/span><\/p>\n

How your business will manage its human resources and digital assets in a post-COVID-19 environment remains to be seen, as enterprises have yet to make firm plans regarding where the vast majority of their employees will work from. Some workers will return to centralised offices.\u00a0<\/span><\/p>\n

However, a high percentage will remain as remote workers. In this scenario, putting place a flexible and secure system to manage your company’s assets is a sensible move. The agility migrating AD to the cloud can deliver is a desirable option. Review your business’s asset management as it stands today. With some realistic forward planning, you will be able to create bespoke asset management protocols that are right for your staff, and the long-term security of your business.<\/span><\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"

David Howell<\/p>\n

28 Jan, 2021 <\/p>\n

The COVID pandemic has changed many aspects of IT, including how businesses manage their digital assets. For many organisations, Active Directory (AD) has for many years been a workhorse that co…<\/p>\n","protected":false},"author":621,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-41737","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/41737","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/621"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=41737"}],"version-history":[{"count":3,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/41737\/revisions"}],"predecessor-version":[{"id":41744,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/41737\/revisions\/41744"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=41737"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=41737"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=41737"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}