The webinar on February 25, 2025 offered valuable insights into the challenges and solutions surrounding IT security in Active Directory (AD) and on the file server. The hosts were Jan Engelmann and Thomas Erlbacher, who used their experience to present practical analyses and optimization strategies.
These are the contents of the webinar on 25.02.2025
Risks and challenges in AD and on the file server
- Historically grown IT structures lead to authorizations that are confusing and difficult to manage.
- Deeply nested folder structures make access more difficult and increase security risks.
- Unstructured data and outdated authorizations promote security gaps and inefficient work processes.
The importance of transparency and structured permissions
- Clear and flat structures facilitate administration and reduce risks.
- According to best practices, permissions should be granted at the highest possible level to minimize complexity.
- An in-depth authorization analysis uncovers weak points and enables targeted improvements.
Analysis and optimization strategies with migRaven
- The 3D data heatmap enables a visualization of data distribution and authorization depth. It was shown that deeply nested authorizations are difficult to manage and a limitation to a maximum of three to five levels is recommended.
- Authorization analyzes uncover inheritance interruptions, direct authorizations and unresolved security identifiers. A high number of inheritance interruptions complicates administration and increases security risks. A practical example showed that over 21.000 inheritance interruptions were identified in an initial analysis.
- Companies can Data Retention and Archiving Outsource unused data to reduce storage space and administration effort.
AD Clean-up and Group Management
- AD structures are often deeply nested and contain many unused or obsolete groups.
- The Permissions per user (Kerberos Token Size) were examined in the AD statistics. This involved analyzing which users have a particularly high number of group memberships, which can lead to problems with the token size. Executives in particular often have a disproportionately high number of authorizations, which represents a security risk.
- A conscious one reduction of group nesting improves performance and security.
- The identification and removal of no longer used user accounts and groups supports compliance and reduces risks.
Analysis and management of share permissions
- It was pointed out that authenticated users often have uncontrolled permissions on shares, which can lead to unwanted access.
- With the migRaven Analyzer you can Share permissions are checked and optimizedto close security gaps.
Initial analysis as the first step towards optimization
- Webinar participants have the opportunity to free initial analysis .
- AD and file server structures are examined to identify individual optimization potential.
- The results are summarized in a detailed evaluation and provided as a basis for decisions on optimization measures.
And finally ...
The webinar highlighted the need for structured authorization and data management to minimize security risks and ensure efficient IT processes. Companies that want to optimize their authorizations and data structure can register for an initial analysis and receive practical recommendations for action.
