The success rate of attacks on corporate networks is growing, and today 70% of Windows environments are at risk of malicious attacks.
ManageEngine's report titled, Active Directory and Windows Server Security - Trends and Practices, finds in addition to this another 10% of IT admins are unaware of the security standards for Windows environments.
Furthermore, 72% of respondents seek a solution that sends alerts when security configurations change, yet 55% have not begun to use one.
The survey also found that 47% of IT admins find it difficult and time consuming to gain awareness of the current security settings of their Windows environments - a small percentage of respondents use scripts but find it tedious.
ManageEngine says at the centre of most corporate networks is the active directory. Since the active directory is the most important technology to control access to the network and resources, it is important to secure all aspects of this portion of a network, the company says.
However, the growing success rate of attacks suggests that many organisations do not secure their active directory correctly.
“Organisations clearly are paying closer attention to the security for active directory,” says Derek Melber, ManageEngine technical evangelist and microsite manager of security hardening for active directory and Windows servers.
“However, the survey results also indicate that Windows environments are far from being secure, and improved overall visibility is essential,” he says.
ManageEngine says the results of the survey indicate that organisations need to take immediate action to secure their Windows environments. For efficient management of their Windows environments, IT admins could benefit from exploring available reporting solutions, the company says. Businesses can enhance security measures to ensure a more secure and smoother environment to run operations.
Furthermore, ManageEngine says the findings imply a visibility gap in the market. Despite the market availability of solution providers, at least half the organisations do not use a configuration alert system and may need to perform requirement-to-solution mapping to reduce this gap.