The Full Cost of AD\u2019s Legacy<\/h2>\n\n\n\n
There are hard and soft costs associated with continued reliance on AD. <\/p>\n\n\n\n
Hard costs can include hardware, networking, licensing (including broad adoption of Microsoft security services), and facilities expenditures. You\u2019ll also continue to encounter end user requests that are difficult to implement due to AD\u2019s limitations, which can lead to further hard costs in the form of hardware, networking, and licensing for other<\/em> products. <\/p>\n\n\n\n The indirect costs vary and may be harder to quantify; they can reduce your flexibility, cause cultural resistance, and even make it more difficult for your organization to obtain cyber insurance coverage.<\/p>\n\n\n\n AD wasn\u2019t intended to manage anything other than Windows devices within a main office or set of satellite locations. This is not how modern organizations operate.<\/p>\n\n\n\n Today\u2019s workplaces consist of cross-OS endpoints<\/a> and work happens everywhere. AD doesn\u2019t provide single sign-in<\/a> (SSO) for cloud apps and network resources without additional components, lacks modern authentication and phishing resistance<\/a>, and has no built-in conditional access<\/a> (CA). AD is built around the network perimeter versus emphasizing the significance of every asset, resource, and even access requests.<\/p>\n\n\n\n Its technical limitations also make on\/offboarding users more cumbersome and prone to human error. There\u2019s no automation of group memberships<\/a>, and entitlements are all manually assigned. It\u2019s very easy to overprovision users, and even waste licenses, due to the nature of inherited group permissions. IT efficiency is limited by AD\u2019s lack of automation and difficulty in handling modern workflows. <\/p>\n\n\n\n The end result is that IT isn\u2019t responsive to business requirements; or worse, it actually impedes them.<\/p>\n\n\n\n Learn about how cloud directories automate group access<\/a> to resources.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n Maintaining the status quo can become expensive, and costs will rise as your organization outgrows your current datacenter\u2019s capacity to serve business needs. You should account for:<\/p>\n\n\n\n See a detailed breakdown of the hidden costs<\/a> of AD-based infrastructures.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n Microsoft has designated AD as a legacy technology<\/a> that must be secured and protected. Only the most Premium SKU<\/a> of its Entra ID cloud directory service provides the security controls that it recommends to protect identities and provide strong access control. Additional products like Defender for Identities are suggested to detect lateral movement by attackers from Microsoft\u2019s cloud services to your AD instances. <\/p>\n\n\n\n In short: keeping AD means adopting a big reference architecture.<\/p>\n\n\n\n Industry experts have also raised concerns about Microsoft monetizing security<\/a> and abusing the term \u201clegacy\u201d at the expense of its customers instead of fixing AD\u2019s well-documented security defects<\/a>. These systems can be complex to license and administer, potentially increasing IT headcount and salaries at market rates. Soft costs restrict choice and limit flexibility.<\/p>\n\n\n\n Technologies like Entra ID are mostly purchased as bundles<\/a> with productivity software, creating a vertically integrated stack out of Microsoft\u2019s services. Consider how people work, how they\u2019re willing to work, and the frustrations they might feel when flexibility is lost. There\u2019s a \u201cculture\u201d around tools and platforms, and that could stall migrations, despite pressure from the top.<\/p>\n\n\n\n Harvard Business Review<\/a> (HBR) found that 59% of employees indicate that, \u201ctheir collaboration tools are not aligned with how their teams prefer to work.\u201d HBR recommends that IT should empower users to have a say in choosing applications that will impact how they work. <\/p>\n\n\n\n Read a detailed examination of how downstream lock-in of services<\/a> with Microsoft can impact your organization.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n JumpCloud\u2019s AD modernization can be easier to implement and learn. Image credit: JumpCloud. Data is based upon what JumpCloud customers have experienced.<\/em><\/p>\n\n\n\n California has instituted privacy laws, California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), where violators are subject to civil penalties. This may just be the beginning, because U.S. national standards are often derived from the states. California laws mirror the European Union\u2019s General Data Protection Regulation<\/a> (GDPR), which is enforced when breaches occur. Courts may have to step in to determine when and how future penalties are imposed and what level of due diligence will be expected from data custodians.<\/p>\n\n\n\n It\u2019s also important to consider and communicate how any disruption to business operations would have adverse effects on revenues and, ultimately, the reputation of your organization.<\/p>\n\n\n\n The insurance industry knows these costs, and is expecting greater diligence with a baseline of security controls. Identity is becoming the new perimeter to prevent data breaches, and it\u2019s being heavily emphasized by insurers, along with many others. Underwriting is beginning to consider how potential customers handle evolving adversarial tactics and techniques. They\u2019ll also examine if they\u2019ve been breached before \u2026 a preexisting condition. Failure to manage cyber risks can impact insurability, and AD isn\u2019t up to the job for today\u2019s IT environment.<\/p>\n\n\n\n These trends are converging to dramatically upend the economics of cyber incidents. Fortunately, there are steps that you can take to start the process to achieve better security with your manager\u2019s buy-in, trust, and clear alignment with corporate goals. <\/p>\n\n\n\n Unfortunately, many managers possess a solid grasp on the threats posed by cyber criminals, but don\u2019t feel<\/em> the urgency. It can seem as if there’s never a \u201cgood time\u201d to get started. <\/p>\n\n\n\n You may encounter objections, including:<\/p>\n\n\n\n These scenarios all come down to how some managers fail to view IT as a function of the principal business \u2026 it appears ancillary. IT needs to learn to market to the people establishing the budget that it\u2019s not an ancillary function. Your challenge is \u201cgetting to yes.\u201d<\/p>\n\n\n\n Learn about how to optimize your IT department\u2019s budget strategy<\/a>.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n \u201cThose who defer doing something about cybersecurity have elevated other interests or concerns above it. Using a \u2018getting to yes\u2019 approach means understanding their interests,\u201d said Dr. Art Hochner, professor emeritus of management at the Fox School of Business at Temple University. Dr. Hochner specializes in teaching negotiation skills to thousands of students. <\/p>\n\n\n\n He continued, \u201cMaybe they are sold on the idea, but don\u2019t have time to implement, don\u2019t have a good grasp on what exact steps to take, or would benefit from some hand-holding along the way. The key is to find out what they see as their key interests \u2014 e.g., meeting deadlines, managing their time, knowing how to avoid pitfalls and large expenses, etc.\u201d <\/p>\n\n\n\n That can\u2019t be done by trying to sell them on technology alone. For a more effective negotiating strategy, Dr. Hochner recommends following these steps instead:<\/p>\n\n\n\n University of Pennsylvania professor of organizational behavior Dr. Karren Knowlton recommends reading:<\/p>\n\n\n\n JumpCloud\u2019s Open Directory Platform provides a smooth path to migrate off or modernize AD, once you\u2019ve succeeded in aligning IT\u2019s and management\u2019s interests. Active Directory Integration<\/a> (ADI) has configuration options that will enable you to determine where and how you want to manage users, groups, and passwords. It also provides a migration tool to transfer identities<\/a>.<\/p>\n\n\n\n Cross-OS device management is a critical component to control and protect modern IT infrastructures. JumpCloud pairs the ability to manage every endpoint with an open directory platform<\/a> to secure every identity and resource. This unified approach delivers strong access control while consolidating your tools for increased IT operational efficiency. Try JumpCloud for free<\/a> and find out if it\u2019s the right option for your organization\u2019s journey away from AD.<\/p>\n\n\n\n Our customers tell us that asset management is also important for security and IT operations. JumpCloud is enhancing its platform<\/a> to unify SaaS, IT security, and asset management<\/a>.<\/p>\n\n\n\n Learn more about how admins will be able to consolidate security, asset, device, access, and identity management with JumpCloud and how those features go hand in hand.<\/p>\n","protected":false},"excerpt":{"rendered":" Know how Active Directory can impact your organization and equip yourself with negotiation skills to move away from it.<\/p>\n","protected":false},"author":150,"featured_media":78518,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[2781],"tags":[],"collection":[2779],"platform":[],"funnel_stage":[3015],"coauthors":[2535],"acf":[],"yoast_head":"\nAD Isn\u2019t a Business Enabler<\/h3>\n\n\n\n
![](\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\"\/){kind=icon}
<\/p><\/div>High IT Infrastructure Costs<\/h3>\n\n\n\n
\n
<\/p><\/div>Paying the Price for Lock-in<\/h3>\n\n\n\n
<\/p><\/div>![\"\"](\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2024\/04\/image-1.png\")
<\/figure>\n\n\n\nCompliance and Cybersecurity Issues<\/h3>\n\n\n\n
No Security Controls, No Insurance<\/h4>\n\n\n\n
Understanding Objections<\/h2>\n\n\n\n
\n
<\/p><\/div>Getting to Yes<\/h2>\n\n\n\n
\n
\n
Additional Resources<\/h3>\n\n\n\n
\n
Migrate Away from AD with JumpCloud<\/h2>\n\n\n\n