Securing M&A Activity Using Active Directory

Despite the market turmoil caused by the COVID-19 pandemic, 2020 proved that mergers and acquisitions (M&A) are an essential part of business. Even in a challenging year, M&A deals in Q3 2020 reached a total of $896.3 billion, a 32% increase from Q3 2019. M&A activity is expected to increase again during 2021.

Consolidation through M&A is spurred by a number of factors, from stimulating growth to gaining a competitive advantage, but creating cost synergies is always a core part of any M&A plan. IT integration plays a big role in reducing costs, and companies often focus on integrating systems as quickly as possible. This can cause significant errors throughout the consolidation process, particularly when it comes to security.

One of the most common mistakes is establishing an Active Directory trust before conducting a cybersecurity analysis. Since 95% of Fortune 500 companies rely on Active Directory to manage their users’ access and credentials, companies are quick to combine Active Directory environments so employees from both organizations can share resources and work together.

However, rushing to combine the two environments doesn’t allow IT teams adequate time to determine which company has the more secure, more trusted Active Directory environment. In a merger or acquisition, one organization is almost always less secure due to either IT budget or infrastructure, which then puts the other Active Directory environment at risk.

Integrating both environments creates a pathway between domains, but without identifying the trusted versus untrusted environment, organizations may allow anyone from a malicious insider to a bad actor using compromised credentials to move laterally within the network.

Active Directory provides an array of additional security benefits for IT teams. By thoroughly reviewing both companies’ security policies before merging environments, companies can use Active Directory to ensure a secure transition.

Using Active Directory Life Cycle Management Tools to Strengthen M&A Security

Once IT teams have securely and successfully merged Active Directory environments, Active Directory has a number of tools that can help implement a secure consolidation. Since 80% of breaches involve weak or compromised credentials, IT teams need to ensure they’re leveraging Active Directory systems as the first line of defense against credential-based attacks. It’s also important to remember that over-entitled accounts are often the cause of a breach; accounts can only be breached if an attacker can access them.

To ensure IT teams are taking full advantage of the security capabilities of their Active Directory environments, here are five ways to use Active Directory life cycle management (ADLM) tools to increase security posture.

  1. Creating an Undo Button: ADLM tools can provide an undo capability that allows companies to make the IT transition quicker. With changes in the network happening so rapidly, it’s common for mistakes to occur during the consolidation. Instead of poring over a complex script for hours or taking a company’s network down entirely and then restoring it, IT teams can turn to ADLM tools when an issue occurs. By allowing IT teams to undo recent tasks, ADLM tools can fix a problem in a few minutes rather than days, or even weeks, which helps ensure security remains a priority.
  2. Creating a Foundation: Active Directory acts as a foundation that connects all other migration tools. By creating a dedicated area to manage Active Directory and all related accounts, IT teams can build automated workflows to standardize processes and procedures. This can replace the individual scripts engineers would otherwise write on the fly during the consolidation, and, in turn, free up time to ensure all necessary security procedures are in place.
  3. Tightening Credential Management: Organizations are constantly provisioning and de-provisioning user accounts for new hires or because individuals leave the company, and mergers and acquisitions compound this process. ADLM tools can automate the access management process and provision users in any number of domains, making it simpler for IT teams to merge both companies’ employees into a single system. This allows more accurate tracking of user access and entitlements, which can identify and stop suspicious behavior more quickly.
  4. Enforcing the Principle of Least Privilege: Active Directory systems often contain data spanning many generations of administrators, and the standards and privileges of access for those accounts differ from company to company. It can be challenging to understand and manage who should have access to what part of the network. Once the Active Directory environments have been merged, IT teams can clean up and unify administrator data across both companies’ platforms before it migrates to other systems. By cleaning and organizing systems before a full integration, IT teams can validate that the correct data is in the right place and can access the appropriate workflows and standardized policies. Users should start off with zero rights, and roles and rights should be applied by IT as needs arise. Starting users with a bare minimum of access makes it easier to ensure that risk is mitigated and systems are secure.
  5. Leveraging Zero Trust: Using AD and AAD to springboard into a Zero Trust security model involves eliminating the sharing of privileged passwords. Users should be authenticated individually and dynamically for every administrative action. Credentials should only be checked out when needed, after all the right approvals are procured, and only for a specified purpose or a specified period of time. The key to achieving Zero Trust is ensuring that the credentials don’t exist until requested and are de-provisioned immediately after use.
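
One way to run the privileged-access review described in item 4, and the pre-integration assessment recommended earlier, against both companies' domains. This is an added example, not code from the author or from any ADLM product; the domain names, the group list and the 90-day staleness threshold are assumptions.

```powershell
# Added example: list privileged-group members in each company's domain and
# flag accounts that look over-entitled. Requires the ActiveDirectory (RSAT)
# module and read access to both domains.
Import-Module ActiveDirectory

$Domains          = @('corp.acquirer.example', 'corp.target.example')  # placeholder names
$PrivilegedGroups = @('Domain Admins', 'Administrators', 'Account Operators', 'Backup Operators')
$StaleAfterDays   = 90                                                 # assumed threshold
$cutoff           = (Get-Date).AddDays(-$StaleAfterDays)

$report = foreach ($domain in $Domains) {
    foreach ($group in $PrivilegedGroups) {
        try {
            # -Recursive expands nested groups so indirect admins are not missed
            $members = Get-ADGroupMember -Identity $group -Server $domain -Recursive -ErrorAction Stop
        } catch {
            Write-Warning "Could not read '$group' in ${domain}: $($_.Exception.Message)"
            continue
        }
        foreach ($m in ($members | Where-Object objectClass -eq 'user')) {
            try {
                $u = Get-ADUser -Identity $m.distinguishedName -Server $domain `
                        -Properties LastLogonDate, PasswordNeverExpires -ErrorAction Stop
            } catch {
                # Members homed in another domain cannot be resolved against this server
                Write-Warning "Could not resolve $($m.distinguishedName) in ${domain}"
                continue
            }
            $findings = @()
            if (-not $u.Enabled)         { $findings += 'disabled account still privileged' }
            if (-not $u.LastLogonDate)   { $findings += 'never logged on' }
            elseif ($u.LastLogonDate -lt $cutoff) { $findings += "no logon in $StaleAfterDays days" }
            if ($u.PasswordNeverExpires) { $findings += 'password never expires' }

            [pscustomobject]@{
                Domain   = $domain
                Group    = $group
                Account  = $u.SamAccountName
                Findings = $findings -join '; '
            }
        }
    }
}

# Accounts with at least one finding are the first candidates for removal
$report | Where-Object Findings | Sort-Object Domain, Group, Account | Format-Table -AutoSize
```

Comparing the per-domain counts in `$report` also gives a quick indication of which environment carries more standing privilege before the two are connected.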

Mergers and acquisitions are complicated enough, but conducting a cybersecurity audit and using Active Directory can ensure a smooth transition and strong security posture for IT teams and their organizations.


Robert Meyers

Robert Meyers is the Compliance and Privacy Professional and Channel Program Solutions Architect for One Identity. He is a thirty-year veteran of the Identity and Access Systems and Information Security industry, with more than 10 years of that time focused on planning, supporting and managing privacy programs, such as FERPA, HIPAA, GDPR and CCPA. His experience also includes leadership responsibilities for nearly one hundred mergers and acquisitions. Robert regularly speaks at events about privacy topics. His extensive certifications include IAPP Fellow of Information Privacy, CIPP/E, CIPT and the ISACA CISM and CDPSE.
