Big news! The community will be moving to a new platform April 21. Read more.
Big news! The community will be moving to a new platform April 21. Read more.

The heat is on for IT in the face of new and changing regulation

Absent Member.
Absent Member.
0 0 3,294
0 Likes
I have a hunch that in 12 months, we will be looking back at 2010 and calling it the year of regulation. Now, to be clear, I can’t see the future nor can I do magic tricks, but I do agree with Ephraim Schwartz’s commentary in his article New regulations will soon swell IT workloads  - the workload associated with achieving and maintaining compliance in the face of a new and changing regulatory environment is going to land squarely in the lap of the IT folks. When I say IT folks, I mean existing IT folks, because the word on the street is that there is no room (or budget) for new headcount. Classic scenario of do more with what you’ve got, except in this case, it’s “do a lot more with what you’ve got”.

In 2010 and ensuing years, it will be more critical than ever to protect sensitive data (and I have a feeling that more data is going to be classified as sensitive going forward given many proposed regulations). And, as more organizations are faced with new and increased pressures to prove that they are compliant, IT departments will have a huge weight on their shoulders. Active Directory administrators in particular are charged with protecting critical and sensitive information, and at the drop of a hat they must prove that they’ve implemented processes and procedures to protect the data housed within. Needless to say, organizations face a delicate balance – stay ahead of the curve while maintaining budget, something that is never easy.

I know, I know – nothing I’m saying is earth shattering, but what may come as a surprise is that there is a way to alleviate at least some of the IT pain.

We’re seeing, as a result of interacting with customers, that Active Directory is increasingly becoming the central data store and gateway to other data stores, and it must be secured. The best way to secure information stored in Active Directory is to start by implementing administrative controls. If you can control who can access and manipulate data, it will improve your posture with the security teams and auditors. In addition, you need to institute mechanisms to detect when those controls have been breached or broken (yep, it happens to be the best of us.) Your ability to quickly detect unauthorized or malicious activity will drastically reduce the time it takes to remediate an unauthorized change. And finally, think automation. By automating the administration and maintenance of Active Directory, you can more easily reduce the probability of error and improve documentation of process, which those security and audit folks love.

In the face of ever changing regulations, IT is going to bear the brunt of the work and also be required to demonstrate regulatory compliance. In 2010, when you think Active Directory, and you will – it’s arguably the heart of your Windows environment, think control and think automation.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.