Search Security: An Oxymoron
November 18, 2008
ZDNet runs a nifty feature called IT Facts. Every day, the ZD editors and writers post interesting statistics. Now if you have a knack for numbers, you can make those equations sit up, roll over, and play dead. Despite the “flexibility” of statistical methods, I found “42% of Organizations Reported Unauthorized Access to Their Active Directory.” If you don’t know what an AD or Active Directory is, click here and drink deeply of the information. If you are in a hurry, its a gizmo Microsoft cooked up to make security quick and easy for certified Microsoft engineers to set up. According to Osterman Research, found security loopholes in two fifths of the sample’s servers. Think about third party search systems that “look” at AD and use it to manage user access to search. In my opinion, problems with one percent of the accesses warrants concern on my part. I know folks are rushing to SharePoint, but could Active Directory be this bad? I hope not. My hunch is that anyone with a Microsoft AD will want to do some checking.
Stephen Arnold, November 18, 2008