The hidden danger of manual authorization assignments

In recent Exchange hacker attacks, one of the attack tactics is often the creation of new AD groups that gain access to the file servers. This gives hackers access to secret elements. Especially the manual assignment of permissions makes it difficult for an admin to recognize which changes were made from the outside and which from the inside. Accordingly, it can take a long time to identify which groups belong to the “bad guys”. Valuable time is wasted in this process, during which vast amounts of sensitive data can be tapped. Another countermeasure would of course be to temporarily paralyze everything, but the disadvantages of such an action should be obvious. And after these measures, in the end it is still not clear from where exactly the rights and groups came and who inserted them. This means that effectively closing the security gap in order to prevent future attacks in the long term will be costly and complicated.

With the Access Manager, this vulnerability is eliminated. The automatic SET-ACTUAL comparison detects AD groups and not only deletes them directly, but also creates detailed documentation. This makes AD groups easily traceable and closes security gaps. This effectively prevents further damage.

Access Manager positions itself as the primary data source of the authorization system. All changes that have been stored in the Access Manager and set by means of a workflow are finally implemented in the system. All other AD groups and permissions are removed, extensively audited, and can be thoroughly investigated and tracked with comprehensive reports, even after the fact.

However, if you wish to set up access rights directly, this is possible. Portals for administrators and direct authorization assignments are also available within the Access Manager. The TARGET-ACTUAL comparison can be triggered here immediately and the desired right can be implemented in the system immediately – as a primary data source, traceable and secure.