Enzoic boosts Active Directory security with new features

Enzoic has announced an updated version of its Enzoic for Active Directory solution, which enhances password integrity and alleviates the workload on IT teams.

This tool supports continuous monitoring, identification, and remediation of unsafe credentials by checking username and password combinations in Active Directory against Enzoic's evolving database. The goal is to help organisations eliminate weak, exposed, or shared passwords, diminishing the likelihood of account takeovers.

A study by Verizon's Data Breach Investigations Report (DBIR) revealed that compromised credentials continue to be a primary method for cybercriminals to gain access to company networks. Active Directory remains a favoured target, with 50% of organisations experiencing an attack. This, combined with the persistent issue of password reuse, underscores the necessity for constant monitoring and risk identification.

The newly enhanced version of Enzoic for Active Directory offers detailed insights to ensure the IT environment remains secure from exposed or weak passwords before they become vulnerabilities. The tool automates monitoring and detection processes, thus reducing the burden on IT teams while maintaining a seamless experience for employees.

Mike Wilson, founder and Chief Technology Officer of Enzoic, commented on the growing threat landscape, remarking that "the perennial weak link is passwords." He added, "We developed our comprehensive solution in conjunction with feedback from our customers, and it provides IT teams with a way to quickly and easily identify credential vulnerabilities and take action to protect their Active Directory environment, helping reduce their risk."

The latest release of Enzoic for Active Directory includes several key features aimed at improving security and reducing IT workloads:

• Actionable Dashboard: The new dashboard offers a single integrated view, facilitating the remote management of all password settings. Compromised user reporting now includes more details such as the history of exposure, the original policy, actions taken, and the current policy in place. This level of detail is designed to highlight areas where further education is needed and assist in shaping policies to improve password security. IT teams can now address compromised accounts manually with more granular options, such as re-notifying the user, forcing a reset, or deactivating the account.
• Increased Visibility: Alerts now provide deeper insights into user behaviour at all levels, even those outside the password policy, enabling teams to implement an automated multi-policy approach based on historical data. Monitoring extends beyond exposed credentials and covers additional security risks, such as administrative privileges, password sharing, users who have not set a password, and inactive accounts. Admins can also set time zone preferences for alerts.
• Reduced Workload on IT Teams: Organisations can authorise Enzoic to remotely pull product logs, easing the administration load and offering more detailed troubleshooting information with adjustable log detail levels. Additionally, the updated user interface simplifies the configuration of personalised SMTP servers, enabling email alerts to be sent from the organisation's domain.
• Refined Permission Management: Previously, accessing the dashboard, viewing reports, and updating configuration settings required Domain or Enterprise administrator rights. Now, users can be assigned to a new least-privilege group, granting these permissions without requiring domain or enterprise-level access.

The enhancements to Enzoic for Active Directory aim to provide organisations with more effective tools to manage password security and reduce the risk of cyber threats. The updates reflect Enzoic’s response to customer feedback and its commitment to improving cybersecurity through advanced threat intelligence solutions.