IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

A new age of asset management

Can migrating a business’ Active Directory to the cloud become a core resource as the consumerisation of tech continues?

Businesses are no stranger to Active Directory (AD). The identity and access management service has been relied upon by the vast majority of organisations for many years - 90% of them, according to Gartner - but a more agile approach is needed for the hybrid professional work environment that’s now very much a reality.

Indeed, the pandemic shook businesses from all corners and while AD was the reliable backbone of most organisations when all their workers bundled into the same building, the widened cyber attack surface of a hybrid workforce means there are now added complications when deploying AD across a business.

"Active Directory is like the spinal column of an enterprise and it must be closely protected,” explains Matt Lock, technical director at data security firm Varonis. “If an attacker manages to seize control of AD, they effectively hold the keys to an organisation’s digital kingdom and have privileged access throughout the domain, where they can cause serious damage.”

The issues boil down to visibility, it’s much more difficult to oversee all the assets within a business when its workers are so geographically fragmented. Factor in, too, the complexities that come with the rising popularity of bring your own device (BYOD) policies and the way in which workers customise their software with additional assets like add-ons from third-party marketplaces.

Related Resource

The IT Pro Podcast: A post-COVID cloud future

COVID has rewritten the rulebook for businesses - but will it last?

IT Pro Podcast: a post-COVID cloud futureListen now

Pushing more business processes to the cloud has traditionally been the easy, go-to approach for all-things digital transformation and the deployment of AD is no different. The cloud offers a swathe of benefits to businesses looking to maintain tight security controls across office and remote workers, including a more comprehensive view of the organisation’s digital assets and more streamlined security controls.

With the cyber security landscape now being so wide and businesses being targeted from all angles, it’s more important than ever to have the organisation’s asset management in top shape. Shifting AD to the cloud is the best approach for businesses looking to stay safe in a hybrid working world.

AD transformation

For most organisations, asset management pre-COVID was a relatively straightforward exercise in user and device tracking. Now the working and threat perimeter has moved to the homes of their workforce, keeping track of the entire IT estate and ensuring high levels of security are maintained has become much more complex. Migrating AD to the cloud can deliver more oversight and integrated support to users who need this to secure their equipment and network connections.

Related Resource

Sharpen your manufacturing competitive edge

Smarter asset management

Whitepaper cover with image of man in front of a factory machine holding a tabletFree Download

Dan Conrad, field strategist at One Identity, tells IT Pro: “Since the rollout in 2000, AD has changed significantly and the impact of Zero Trust campaigns will change this further. At its core, AD is an SSO (Single Sign-On) solution designed for an easy user experience by providing easy access to objects. Active Directory and Azure Active Directory (AAD) have changed the game a bit by still providing the good user experience but detaching some of the vulnerabilities. For instance, the idea of joining every corporate system to the AD is no longer necessary. AAD and solutions such as Intune allow management of the systems without the vulnerability that goes with every system being ‘trusted.’”

Many companies see the continued migration of AD to the cloud as the solution to the issues they face managing the array of assets their businesses use. With security front of mind, migrating an AD to a cloud platform can deliver a level of insulation from some cyberattacks.

The holistic approach to managing what could be a diverse range of devices now being used across your business, requires your control and security systems to change. Businesses are increasingly creating domain-joined and BYOD/non-domain-joined systems to give themselves the maximum flexibility with the assets their staff uses, simultaneously delivering a security infrastructure that is more resilient than a simple cloud or on-prem solution.

The business of consumerisation

The threat surface all businesses now face requires a new approach to network management and device security. As early as March 2020, IDC predicted that within two years, over 90% of enterprises worldwide will have a hybrid cloud deployment. As the COVID-19 pandemic took hold, there has been a rush to implement this approach, with businesses being pushed to radically alter how they manage their workforces and the technologies and services they use.

Related Resource

Achieve today. Plan tomorrow. Making the hybrid multi-cloud journey

A Veritas webinar on implementing a hybrid multi-cloud strategy

How to transition to a hybrid multi-cloud strategy - a recorded webinarDownload now

Rajesh Ganesan, vice president at ManageEngine, tells IT Pro: "A cloud-native hybrid IT infrastructure helps organisations respond to change and uncertainty better. That said, even as organisations move to a cloud-first or cloud-dominant approach, it’s important that application, infrastructure, and data security are not compromised.”

Alastair Pooley, CIO of Snow Software, adds: “As we switch to more SaaS applications, you either need to use Azure Active Directory (along with the relevant licenses) or something like Okta to provide that single sign on experience to your staff. Either approach allows you to maintain a corporate directory to control access to resources. It is worth noting that you should re-examine your endpoint security, as traditional group policy (GPO) doesn’t deliver for remote workers. Microsoft’s Defender ATP coupled with Intune is a powerful combination but again you need new licenses to deliver that.”

How your business will manage its human resources and digital assets in a post-COVID-19 environment remains to be seen, as enterprises have yet to make firm plans regarding where the vast majority of their employees will work from. Some workers will return to centralised offices. 

However, a high percentage will remain as remote workers. In this scenario, putting place a flexible and secure system to manage your company's assets is a sensible move. The agility migrating AD to the cloud can deliver is a desirable option. Review your business's asset management as it stands today. With some realistic forward planning, you will be able to create bespoke asset management protocols that are right for your staff, and the long-term security of your business.

This article was first published on 01/02/2021, and has since been updated

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Google rescinds mandatory vaccination policy for US staff
Business operations

Google rescinds mandatory vaccination policy for US staff

24 Feb 2022
How coronavirus has accelerated the digital transformation of Britain's public sector
public sector

How coronavirus has accelerated the digital transformation of Britain's public sector

28 Jan 2022
How to manage people successfully from a distance
Business strategy

How to manage people successfully from a distance

27 Oct 2021
Phishing emails target victims with fake vaccine passport offer
cyber crime

Phishing emails target victims with fake vaccine passport offer

21 Sep 2021

Most Popular

FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022