Active Directory Security Assessment

 Active Directory Security

During an Active Directory Security Assessment, LCM conducts a Risk Assessment against an organization’s Active Directory environment.

The Active Directory Security Assessment determines whether the current configuration provides:

  • Adequate security to safeguard client data from possible data loss.

  • Privacy issues.

  • Other related issues caused because all of the associations are working in the same Domain Organization structure.

Having this architecture severely limits the ability to containerize information so that it is not easily or accidentally exposed or even accessed inappropriately by staff that are not authorized to do so.

This exercise is also crucial to ensure that entities responsible for the Active Directory Security management fulfill their obligations. This is an industry best practice known as “Trust but Verify.”

 Get Started on Your Active Directory Assessment

APPROACH TO ACTIVE DIRECTORY SECURITY ASSESSMENT

LCM’s Active Directory Assessment is designed to provide:

  • A risk assessment as part of the evaluation of the adequacy of the current Active Directory implementation and management; and design of security controls.

  • An independent assessment of the operating effectiveness of the security controls.

  • Actionable and feasible recommendations for improvements.

As part of this audit, LCM will review the following documentation:

  1. Network Diagram

  2. Documentation related to current AD structure

  3. List of current users and associated organizations from HR

  4. Documented access controls based on “Need to Know”

  5. List of approved users with Admin level access

  6. VM Workstation/Server to install tools

ACTIVE DIRECTORY SECURITY ASSESSMENT DELIVERABLES

LCM prepares and presents an audit draft of the Security and Risk assessment, along with Recommendations. The customer reviews the initial draft and provides feedback. Based on this feedback, a Final Report will be created that is ready for presentation to executives.

ACTIVE DIRECTORY SECURITY ASSESSMENT DELIVERY TEAM

Lead Assessor: An Information Security expert, possessing various certifications and a degree in information security. The assessor has a thorough understanding of infrastructure technologies associated with an Active Directory environment.

Virtual CISO: An Information Technology leader with over 20 years of experience in Cyber Security consulting and Managed Security Services, with CISA and CRISC certifications.

Report Writers: Will develop final reports based on the findings of the assessment.

Connect with Our Experts to Start Your Active Directory Assessment