Why Every CIO Should Rethink Active Directory

The Importance of Active Directory

Itergy uses Active Directory (AD) as our primary tool for access management and to meet compliance standards. We’re very focused on AD, because we’re a hands-on, tactical company. Some of you may agree with that approach, and some of you may disagree with it, but this approach has worked very well for our clients over the years.

Our tactical approach to both AD and access management has resonated not only with Gartner, but also with a number of global organizations. Thus, my goal in this blog entry is to help you see AD in a different light.

The vast majority of companies are using AD for daily operations. In fact, according to some Gartner analysts, more than 95% of their clients are using it. But the question is: Are the clients looking at it as a strategic tool that provides a platform for compliance?

Our key challenge with AD is that it’s often an area that is overlooked and underfunded. AD is simply not seen as a strategic investment for the business, because the results of AD are often intangible. Managing people’s access to systems only becomes important when there is a cataclysmic event, like a merger or acquisition, or a security problem, or when the system breaks. The business sees more tangible results from their investments in a financial management system or a new piece of equipment, or by putting more money into a new product. IT often ignores AD too, since for the most part it just works silently.

A Strategic Perspective on Active Directory

Well, I’d like to change your view on AD. Let’s imagine that instead of being a repository for users and computers, it is a business application that holds the access keys to many parts of the business, including:

  • Financial information
  • Legal information
  • The strategic plan
  • Research and development data
  • Intellectual property
  • Information about the process control environment

If you look at AD in this light, does it change how important it is to your business?

As an IT business leader, some of your primary responsibilities are to keep the company’s operations up and running, ensure that security is taken care of, and ensure that the organization is meeting compliance laws.

I would like you to see AD as a primary means of ensuring compliance and security in your organization.  Over the coming months, different members of my team will share AD best practices in this blog to help you guide your organization to do AD better.

There are four key areas that we will home in on in the coming months:

  • Using AD as a base for data access governance
  • Using AD as a base for regulatory compliance
  • Data sanitation and the object life cycle in AD
  • Managing AD for service levels

I look forward to your comments over the coming months about this, and I welcome your feedback.

Get in touch.

Share your IT problem with us, we can help you solve it!