Published: 25 September 2018
Summary
Organizations must prepare Windows Active Directory for the new era of hybrid, cloud and multicloud IT. This document provides technical professionals with guidance on preparing AD for a world in which an ever-increasing proportion of enterprise IAM functionality will be delivered from the cloud.
Included in Full Research
- Step 1. Streamline Logical Topology
- Common Topologies
- Active Directory Migrations
- Organizational Units
- Step 2. Clean Up Active Directory Groups
- Step 3. Implement Best Practices for Identity Governance and Administration (IGA)
- IGA Tools
- AD Management Tools
- ITSM Tools
- AM Tools
- Password Management Tools
- Step 4. Implement Privileged Access Management
- Least Privilege and Separation of Duties
- The Enhanced Security Administrative Environment
- Local Administrator Accounts
- Service Accounts
- Privileged Access Management Tools
- Multifactor Authentication
- Step 5. Implement MFA to Resources Integrated With AD
- Windows Hello for Business
- Passwordless Authentication
- Step 6. Integrate Non-Windows Systems
- Step 7. Implement Monitoring, Auditing and Analytics
- Step 8. Integrate With Azure AD
- Identity Integration With Azure AD
- Cloud-Only Enterprise Identities
- Authentication to On-Premises Applications
- Identity Management
- Windows 10
- Office 365 Groups
- Related Guidance