Last November, malicious perpetrators hacked their way into Sony Pictures, stealing terabytes of valuable insider information including previously unreleased movies and leaving the Sony network crippled for days.
"What happened at Sony was remarkably simple," say experts. It is widely believed that malicious perpetrators compromised a single Active Directory administrative account and then used it to obtain access to terabytes of valuable confidential information using that account.

Like most of the world's organizations, the IT infrastructure of Sony too is powered by Microsoft's Windows Server platform, and at the very foundation of their cyber security was their Active Directory deployment, which stores and protects all of the organization's administrative and employee user accounts and their passwords, as well as all the security groups that are used to protect the entirety of the organization's IT assets that are stored on the company's computers.

In Microsoft Windows Server based IT infrastructures, Active Directory administrative accounts have virtually unrestricted administrative access to every computer and IT resource in the IT infrastructure. In addition, numerous IT personnel have varying levels of administrative access delegated to them on these administrative accounts and on other user accounts and security groups in the Active Directory.

As a result, should a single account that has administrative access to/in Active Directory be compromised, theoretically every IT resource in the organization could be at risk, and in the worst case scenario, the entirety of the organization's IT resources could be compromised.

Consequently, in order to maintain security, today organizations absolutely need to be able to pinpoint who has what level of administrative access in their Active Directory to avoid any unwarranted security incidents. Though this ability was virtually non-existent a few years ago, primarily because it is very difficult to precisely determine exactly who has what level of administrative access in Active Directory, Sanjay Tandon, a visionary ex-Microsoft security expert, has changed the scenario. Along with his team of engineers, Tandon is helping organizations worldwide find out exactly who has what administrative powers delegated in their IT infrastructures, at the touch of a button through his brain-child, Paramount Defenses.