Category: Active Directory

Its not a standard until its written down

Mystery Colleague

Lets preface the phrase “Best Practise”. In IT best practise often depends on the environment and the organisations appetite for best practise. In an every growing industry the need for security continues to exponentially increase year on year.

I have tried to create a boiler plate template that can grow or shrink with the organisation’s needs and requirements. This helps maintain some semblance of security while balancing usability.

The second challenge I often find is that large scale infrastructure grows organically and rarely has a master road map. As needs and requirements arise adhoc changes are made. Worse still, when people try to implement least privilege it doesn’t work the first time and suddenly accounts that shouldn’t need it become administrators and domain admins.

Lastly when people try to implement a best practise project it fails due to the amount risk it can carry, inertia that needs to be overcome and lack of priority. Everyone knows that security and best practise should be implemented and adhered to, just like we all know we should be checking and topping up the oil in our cars. The reality is we all put it off until the warning light comes on and sometimes that can be too late.

Setting Standards

A colleague once said to me “its not a standard until is written down”. The first thing is setup some standards, naming conventions, and processes. Even if this initially is a loose framework it allows everyone to work towards the same goal. Make sure the document goes through whatever change process you have to get corporate endorsement and provide the standard some gravitas.