{"id":329,"date":"2014-09-17T18:45:21","date_gmt":"2014-09-17T18:45:21","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=329"},"modified":"2014-09-17T18:45:21","modified_gmt":"2014-09-17T18:45:21","slug":"common-cause-of-identity-and-access-management-failure-active-directory","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/","title":{"rendered":"Common Cause of Identity and Access Management Failure: Active Directory"},"content":{"rendered":"<p><a href=\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Common-Cause-of-Identity-and-Access-Management-Failure-Active-Directory.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Common-Cause-of-Identity-and-Access-Management-Failure-Active-Directory-300x135.jpg\" alt=\"Common Cause of Identity and Access Management Failure Active Directory\" width=\"300\" height=\"135\" class=\"alignleft size-medium wp-image-333\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Common-Cause-of-Identity-and-Access-Management-Failure-Active-Directory-300x135.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Common-Cause-of-Identity-and-Access-Management-Failure-Active-Directory.jpg 600w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a>Over at Network World Johnathan Sander, Strategy and Research Officer at the data collection, analysis and protection company STEALTHbits has some advice for companies that think they can easily integrate their Active Directory with an Identity and Access Management solution. Failure of IAM initiatives has been a common problem over the last several years, but Sander writes that only recently has it become clear that the cause for many of those failures stem from contorted Active Directories. While most business and even many IT folks think that their Company&#8217;s Active Directory is in great shape, Sander says the reality is different:<\/p>\n<blockquote><p>AD has so many layers of failure resistance, it\u2019s natural that it doesn\u2019t show any cracks in day-to-day operations. That\u2019s why when people want to use AD as part of a larger initiative, they\u2019re so surprised that those closest to AD say it\u2019s too much of a mess to easily achieve what they want.<\/p><\/blockquote>\n<p>When line of business folks try to implement Active Directory log ins for accessing cloud platforms without talking to the IT folks who handle AD, they often:<\/p>\n<blockquote><p>find out there is a morass of trusts and domains hidden from their view which complicates things. Data center folks move forward with huge virtualization roll outs and get tripped up by redundant and even recursive structures in AD group memberships. And more near and dear to my heart are all the identity &amp; access management (IAM) projects which have come to a crashing halt when they run to integrate AD as their first platform, only to have their plans dashed by the complexities of AD structure.<\/p><\/blockquote>\n<p>How is this happening? Sander gives us an example of the troubles that can arise from an unkempt AD. He talks about one client, an unnamed large financial services company that is trying to &#8220;roll out certifications for both applications and unstructured data:&#8221;<\/p>\n<blockquote><p>Like most organizations of their age, size, and type, they\u2019ve had their fair share of mergers and acquisitions, reorganization, and layers of IT infrastructures. So of course they have a big, cross wired mess at the heart of their Active Directory.<\/p><\/blockquote>\n<p>That &#8220;cross wired mess&#8221; prevents your AD from integrating with those cloud platforms you want to include as &#8220;there is no clear way that access is granted to unstructured data resources.&#8221;Other problems also crop up,\u00a0 like overlapping group membership and group authorizations, which can lead to employees retaining access to data even after they have been removed from a group, among many bad outcomes.<\/p>\n<p>So how do you avoid Active Directory causing your IAM initiative to fail? One answer according to Sander is to optimize your Active Directory first, by cleaning up a lot of the unplanned, unorganized growth that occurs over the years. Before you complete such a potentially herculean task, however, there are a few pieces of IAM you can still put in place to get something while you wait for AD to untangle: &#8220;You can get some amount of certification, self-service, and other key IAM pieces done even with AD in its current poor state,&#8221; according to Sander. On the other hand, you&#8217;ll never finish a full IAM implementation until you get AD untangled:<\/p>\n<blockquote><p>What this all means is if you ever plan to truly complete the journey of identity and access management, then you will need to also take the journey of AD optimization. Our friends at the financial firm understand this. Luckily for them and us, they are planning ahead to optimize their AD security model as a phase two for this program. Let\u2019s hope the business agrees with the wisdom of that.<\/p><\/blockquote>\n<p>May more businesses agree with the wisdom of that, so that we can have fewer Identity and Access Management implementation failures.<\/p>\n<p>For Sander&#8217;s piece at Network World. click <a href=\"https:\/\/www.networkworld.com\/article\/2602877\/access-control\/a-common-theme-in-identity-and-access-management-failure-lack-of-active-directory-optimization.html\" target=\"_blank\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Over at Network World Johnathan Sander, Strategy and Research Officer at the data collection, analysis and protection company STEALTHbits has some advice for companies that think they can easily integrate their Active Directory with an Identity and Access Management solution. Failure of IAM initiatives has been a common problem over the last several years, but [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":333,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Common Cause of Enterprise IAM Failure: Active Directory<\/title>\n<meta name=\"description\" content=\"Avoid your Identity and Access Management implementation&#039;s failure by cleaning up your Active Directory, according to Johnathan Sander of STEALTHbits.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Doug Atkinson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/\",\"name\":\"Common Cause of Enterprise IAM Failure: Active Directory\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Common-Cause-of-Identity-and-Access-Management-Failure-Active-Directory.jpg\",\"datePublished\":\"2014-09-17T18:45:21+00:00\",\"dateModified\":\"2014-09-17T18:45:21+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\"},\"description\":\"Avoid your Identity and Access Management implementation's failure by cleaning up your Active Directory, according to Johnathan Sander of STEALTHbits.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Common-Cause-of-Identity-and-Access-Management-Failure-Active-Directory.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Common-Cause-of-Identity-and-Access-Management-Failure-Active-Directory.jpg\",\"width\":600,\"height\":270,\"caption\":\"Common Cause of Identity and Access Management Failure Active Directory\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Common Cause of Identity and Access Management Failure: Active Directory\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\",\"name\":\"Doug Atkinson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g\",\"caption\":\"Doug Atkinson\"},\"description\":\"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.\",\"sameAs\":[\"https:\/\/solutionsreview.com\"],\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/doug-atkinson-4\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Common Cause of Enterprise IAM Failure: Active Directory","description":"Avoid your Identity and Access Management implementation's failure by cleaning up your Active Directory, according to Johnathan Sander of STEALTHbits.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/","twitter_misc":{"Written by":"Doug Atkinson","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/","url":"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/","name":"Common Cause of Enterprise IAM Failure: Active Directory","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Common-Cause-of-Identity-and-Access-Management-Failure-Active-Directory.jpg","datePublished":"2014-09-17T18:45:21+00:00","dateModified":"2014-09-17T18:45:21+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae"},"description":"Avoid your Identity and Access Management implementation's failure by cleaning up your Active Directory, according to Johnathan Sander of STEALTHbits.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Common-Cause-of-Identity-and-Access-Management-Failure-Active-Directory.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Common-Cause-of-Identity-and-Access-Management-Failure-Active-Directory.jpg","width":600,"height":270,"caption":"Common Cause of Identity and Access Management Failure Active Directory"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/common-cause-of-identity-and-access-management-failure-active-directory\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Common Cause of Identity and Access Management Failure: Active Directory"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae","name":"Doug Atkinson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g","caption":"Doug Atkinson"},"description":"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.","sameAs":["https:\/\/solutionsreview.com"],"url":"https:\/\/solutionsreview.com\/identity-management\/author\/doug-atkinson-4\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/329"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=329"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/329\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/333"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=329"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=329"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=329"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}