Since 2012, Jonathan Blackwell, an engineer and innovator, has provided engineering leadership that has put GroupID at the forefront of group and user management for Active Directory and Azure AD environments. His experience in development, marketing, and sales allows Jonathan to fully understand the Identity market and how buyers think.
The shift to the cloud has many organizations focused on the productivity features available in a given cloud suite. And M365 is no exception. There’s a long list of applications in M365 – a list that’s continually growing. But, Using M365 isn’t just about productivity; it’s also about security and control for IT. And, like…
At the core of every environment that is designed to make people productive is the need “under the hood” to be able to establish what users of that environment can do, what they can access, and – in many cases, how they can easily communicate with other users. The long-standing methodology (with a few exceptions…
Directories, How Many Are You Really Managing? Directories came from a simpler time – one where a single, on-premise directory was enough. But recent shifts in how businesses leverage technology – such as the digital transformation, and the move to cloud-based applications and infrastructure – have given way to use of SSO (link), concepts like…
In my last article, I introduced the merits of using Single Sign-On within your organization. In it, I discussed the possible security gaps that can multiply as you, in essence, extend your on-prem directory service to include multiple directories. And, while there are security benefits for using SSO – centralized policies and administrative work (which…
Here at Imanami, we’ve spent the last number of years talking about the need to keep Active Directory secure. While still a valid and pertinent message today, a lot of changes in the industry give us pause to consider Active Directory’s role in the larger picture, and to reflect on how the very same group…
Because of the lack of attention groups get throughout their lifetime, one of the greatest security risks an organization faces is when a group lives too long. Think about it – you have groups that exist today that, despite having a clear understanding of the logic behind its membership, you have zero idea why it’s…
One of the greatest faults in the architecture of AD is the complete lack of documenting when someone assigns permissions to it. You know what I’m talking about – you’re in SharePoint, or on a file server and you add some permissions to a resource. You grab a list of users and groups from AD,…
If I was to ask you who are the members of a given group with permissions to some sensitive application or data set (one other than, say, Domain Admins), you probably don’t know the answer to that. It’s a bit of an unfair question, as none of us strive to memorize the membership of any…
We’ve spent a lot of time and effort on this blog working to educate you on best practices around specific aspects of AD group management, such as roles for delegation, the use of dynamic memberships, defining Active Directory health, and more. All of these blogs are part of a larger view of groups – one…
I recently wrote about the cost of managing Active Directory groups, where a look was taken at how calculating what it truly costs your organization to manage groups within AD. For organizations large and small, the costs (relatively speaking) are material. And those material costs only revolve around IT reacting to the requested changes made…