Case Study - Banking & Financial Services

Business Challenge

Al-Ahli Bank's administrators faced several challenges in handling all its user accounts from a central location. Its employees were scattered across various branches, with many of them always on the move. With them being mobile, deciding the exact account activity status for an employee over a period of time, was a difficult task for an administrator. Instances where a few employees had on-site assignments for unplanned lengths of time also prevailed. Accounts of such employees as well other unused accounts being left dormant, inflicted opportunities for other employees and malicious intruders to access them, subsequently compromising the Bank's network security.

Jacinto Godinho, Administrator, Quality Assurance and IT Security Al-Ahli Bank proactively decided that he had to address all threats possible due inactive user accounts in his domain and was determined to eliminate the cause. For this he needed to ascertain users who are inactive for a considerable period of time and proactively disable them as and when deemed necessary. He was also aware that most disabled accounts will need reactivation and hence required a simple but efficient process. And these were challenges he had to overcome to meet his goals.

Solution

It is quite essential that complete privacy and security is attached to every employee's login account, and only valid accounts are prevalent. In order to ensure this, it becomes imperative that the administrator scans the Active Directory for inactive user accounts and disables or deletes them. An efficient mechanism to identify and report on inactive user accounts becomes important, as there is a chance that these accounts could turn out to be a source of threat when exposed inadvertently or otherwise. Al-Ahli bank was in need of a flexible security solution which extracts most relevant information on user accounts, easily accessible from anywhere in the domain and was reliable.

ADManager Plus Advantage

Jacinto Godinho: Administrator, Quality Assurance and IT Security on evaluating several other software narrowed down ADManager Plus - web based active directory management solution - which allowed him to access accounts from anywhere in the domain. He was able to scan the entire Active Directory for inactive users for specified number of days and view the results in the form of a comprehensive report on a friendly and manageable user interface. He had the provision to delegate roles to help desk technicians to delete, disable or enable user accounts with the help of these scanned reports. Also the ease of use to both disable inactive users and enable them by choosing specific users from the report as and when required, provided complete flexibility to him in managing his user accounts. ManageEngine ADManager Plus benefits were compulsive and it became the software of his choice.

Result

ADManager Plus greatly helped reduce the problems associated with inactive user accounts. The software reduced the burden administrators faced, to access the Active Directory through error prone scripts. Today Al-Ahli bank enjoys complete security of logins of all its domain users and is secured from any malicious attacks on dormant accounts. The administrators are completely aware of all network resources available in their domains and are always in control of their Active Directory environment just with the click of a mouse. ADManager Plus was the right solution at the right time for Al-Ahli Bank. The Software not only met security and compliance requirements, but also brought a huge difference to the security of users who logged in to the domain.