
Editor’s note: This post is the first in a series of posts about Azure Active Directory identity management. Check out the others below!

Where Organizations fail with Azure Active Directory management

Having worked at AvePoint for two years running now, I’ve had an incredible chance to work and connect with organizations across the enterprise spectrum. From what I’ve learned to date, there are more things that bind organizations together than differentiate them when it comes to effective SaaS management.

One theme I’ve observed across them is a consistent gap in effective Identity Management.

The majority of Microsoft’s identity management falls into solutions built around Active Directory (AD). This post is the first in a series of blog entries about the guidelines around Identity Management, mostly regarding Active Directory, its relationship with on-premises and cloud-based Microsoft solutions, and how this affects effective SaaS from a technical, business process, and cost priority perspective.


SharePoint, like most of the solutions provided by Microsoft, depends on a range of other software to operate correctly.

Vast troves of books, articles, videos, and blogs exist detailing expert discussion of guidelines for managing SharePoint and SQL, IIS, Windows Server, .NET, PowerShell, Visual Studio, and many other solutions. Identity applications within the Microsoft realm can certainly stand on their own alongside all of these solutions.

I want to focus on identity because of how imperative it is for organizations to get it right the first time, and to constantly check, review, and modify their relationship with identity management. Identity, in the end, is the foundational process that enables user access to corporate resources, content, and sensitive business data.

Effective Identity Management matters because identity is essential to getting things done in any Microsoft solution provided to the business. From the get-go, I frequently see things failing.

Azure Active Directory Identity Management Mistake #1

Active Directory test environments and production environments are different!

Test environments don’t reflect, nor often sample, production-level permissions.

  • This can lead to delays in deploying solutions for end users due to unanticipated complications between the practice and the reality of permissions and permissions management.

Azure Active Directory Management Mistake #2

Direct control of Active Directory permissions should be used with caution. (What’s the proper way?)

Admins often try to better control permissions via direct and centralized AD control. This is often a dangerous approach to management and is a mistake, regardless of the size of the business, for the following reasons:

  • Centralizing permissions management exclusively in AD and with AD admins inevitably results in process bottlenecks for changes to the solutions offered.
  • Admins intend to spare busy workers pain, but instead risk numbing any pain of experience, which often leads to disuse of the solution because it is seen as impossible to make work for the business.

Azure Active Directory Management Mistake #3

Admins fail to instill an awareness of Azure Identity Protection and Management

Admins and the business rarely discuss identity, despite its essential role in enabling access.

  • Many people hired by a company are given a corporate identity, usually their email. This email address is the gateway for many to access resources, communicate, and take action.
  • Most users, especially employee managers, aren’t informed about the underlying identity management rules in place in solutions such as Azure Active Directory. There’s a reason for this: explaining these concepts can be challenging. This leads to a lack of understanding around Identity Management and Azure Information Protection, and often exacerbates the problem.

Azure Active Directory Management Mistake #4

Failure to Fine-Tune Employee Lifecycle Management

The business’s employee lifecycle and the identity lifecycle rarely match, leading to significant security gaps in access.

  • New hires, retirements, and terminations are a continuing cycle at a business of any size. Rarely have I seen an effective process in place between Human Resources/Recruiting, Admins, and Identity managers covering the beginning, middle, and end of an employee’s lifecycle within an organization’s identity management system. This is where automation and configuration management can help mitigate security lapses at organizations dealing with turnover.

Azure Active Directory Management Mistake #5

Failing to See the Problem

The silo effect between Exchange, AD Admins, DB Admins, and SharePoint on-prem often results in disparities in effective administration, because it is so easy to dive deep into managing aspects of these solutions without recognizing the fundamental unifier for all of these services: Identity.

Azure Active Directory Management Mistake #6

Excess Devices Lead to Azure Identity Management Problems

With the proliferation of Bring Your Own Device (BYOD) in the workplace, identity access is now mixing between the professional and personal areas of life. This has led to solutions involving containerization of content on phones; however, it still hasn’t really solved the problem of identity, especially across different devices, from Windows to Apple iOS to Android and more platforms.

Azure Active Directory Management Mistake #7

Not planning and controlling processes while in transition

  • We have seen lots of organizations going all-in to the cloud. They have transition periods where AD and content are hybrid. This can lead to a new opening for cloud services and management.

Azure Active Directory Management Mistake #8

Failing to Deactivate Users Before Licenses Renew

Cost-effective Identity Management is about better budgeting.

  • On-prem CALs in Active Directory are among the essential ways Microsoft has priced solutions. Many an admin, myself included, has often not unlicensed an account quickly enough when there’s turnover.
  • In O365, everything is just as complicated as it is on-prem, but with even bigger potential ramifications. External license access, permissions management, content leaks, security gaps, and unauthorized access to poorly permissioned content are a few examples.
  • Cloud and SaaS solutions often depend on active users. This leads to essential budgeting considerations when deploying both Microsoft and Microsoft partner solutions.
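
The lifecycle gap from Mistake #4 and the licensing lag from Mistake #8 can both be caught by routinely reconciling an HR roster against a directory export. The sketch below is an added example, not code from the original post or from any Microsoft tool; the record layout (`email`, `last_day`, `upn`, `enabled`, `licenses`), the `SKU-*` names and all sample data are constructed assumptions.

```python
from datetime import date

# Constructed sample data: an HR roster and a directory export.
# Field names and license SKU names are hypothetical placeholders.
HR_ROSTER = [
    {"email": "ana@example.com", "last_day": None},               # current staff
    {"email": "Bo@example.com", "last_day": date(2024, 3, 1)},    # left, untouched
    {"email": "cy@example.com", "last_day": date(2024, 3, 15)},   # left, disabled
    {"email": "di@example.com", "last_day": date(2024, 6, 30)},   # leaving later
]
DIRECTORY = [
    {"upn": "ana@example.com", "enabled": True, "licenses": ["SKU-A"]},
    {"upn": "bo@example.com", "enabled": True, "licenses": ["SKU-A", "SKU-B"]},
    {"upn": "cy@example.com", "enabled": False, "licenses": ["SKU-A"]},
    {"upn": "di@example.com", "enabled": True, "licenses": ["SKU-A"]},
    {"upn": "svc-scan@example.com", "enabled": True, "licenses": []},
]


def reconcile(hr_roster, directory, today):
    """Compare the HR lifecycle with the identity lifecycle.

    Returns a sorted list of (upn, finding) tuples.
    """
    # Match case-insensitively: HR systems and directories often differ in case.
    hr = {row["email"].strip().lower(): row for row in hr_roster}
    findings = []
    for acct in directory:
        upn = acct["upn"].strip().lower()
        person = hr.get(upn)
        if person is None:
            # No HR owner: a service account or a leftover that needs an owner.
            findings.append((upn, "no HR record"))
            continue
        last_day = person["last_day"]
        departed = last_day is not None and last_day < today
        if departed and acct["enabled"]:
            findings.append((upn, "enabled after last day"))   # access gap
        if departed and acct["licenses"]:
            findings.append((upn, "licensed after last day"))  # cost gap
    return sorted(findings)


if __name__ == "__main__":
    for upn, finding in reconcile(HR_ROSTER, DIRECTORY, date(2024, 4, 1)):
        print(f"{upn}: {finding}")
```

Running the check on a schedule, ahead of each license renewal date, surfaces both the access gap and the cost gap from one comparison.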
