Language: EN | FR | 中文版

The Insider Threat Security Manifesto Beating the threat from within

Active Directory users’ security awareness

How aware are the IT professionals using AD of its security loopholes?

We asked the IT decision makers that had told us their organisation is using AD if they strongly agreed, agreed, disagreed or strongly disagreed with a number of statements.

There are no security holes in Microsoft Active Directory

The first was the statement ‘there are no security holes in Microsoft Active Directory’, with which the marginal majority (51%) agreed.

We then asked the following –

Microsoft Active Directory is the best solution for managing users on my network

It is impossible to manage concurrent logins on Microsoft Active Directory

My user access policy on Microsoft Active Directory is effective

I am always looking for any solution that can improve Active Directory security

  • Strongly agree
  • Agree
  • Disagree
  • Strongly disagree

We can see here that clearly, AD is popular with its users; they overwhelmingly believe that it is the best solution for managing their networks.

However, they seem to be split on the topic of its security strengths. It’s concerning that the majority are unaware of any security loopholes, but more worrying that an even larger majority (69%) believe it is possible to manage concurrent logins in AD. Although it is technically possible to view concurrent logins, using custom scripts, it is not possible to limit or prevent them in a secure or effective manor.

We then see that nearly 9 in 10 (84%) believe that their user access policy is effective.

This leads us to believe that even among the 49% who acknowledged AD may have security loopholes, many don’t know what those loopholes might be.

The good news however, is that despite the fact that 84% told us their AD user access policy is effective, a similar figure of 83% are always on the look out for a solution that can improve AD’s security.