ADManager Plus improves AD management and security compliance at Penn National Insurance
About the organization:
Penn National Insurance is a renowned property-casualty insurance company committed to providing a wide range of reliable insurance products and services that cater to diverse customer needs. Founded in 1919 by the Pennsylvania Farmers and Threshermen's Mutual Protective Association under the name Pennsylvania Threshermen's and Farmer's Mutual Casualty Company, the company first provided only workers' compensation insurance for farm workers who operated steam-driven threshing machines.
-
Country
USA -
Industry
Insurance -
Employees
800-1000
Business challenges
- Efficient AD management: The company was using the cumbersome process of cloning users within Active Directory, leading to over-provisioning and potential security risks.
- Regular deletion of old users: Manually managing the deletion of old users after a certain period was another challenge due to the labor-intensive nature of the process.
- Standardized user creation: There was no clear system to dictate the specific groups a new user should belong to, leading to inconsistencies.
- Streamlining the onboarding process: The company needed a solution that could automate and standardize the user creation process, eliminating manual work and the possibility of human errors.
The Problem
Penn National Insurance, represented by Information Security Analyst Matt Mahoney, highlighted a series of pressing issues it was contending with. The company was primarily struggling with manually managing Active Directory and Office 365 users, a process that was both tedious and fraught with risks. In a business environment with high security standards, having to clone users to manage permissions and access was increasingly seen as a roadblock to efficiency and security. This manual approach also led to over-provisioning and inflated access rights, creating unnecessary vulnerabilities in its security infrastructure.
Moreover, tracking and removing old users 60 days after their accounts were disabled was a manual process that was hard to maintain consistently. The company also lacked a well-defined list of groups that needed to be assigned to each job title, resulting in an inefficient and error-prone process. The problems were further exacerbated by the lack of alternative options that were thoroughly evaluated before implementing ADManager Plus. The crucial need for Penn National Insurance was to establish an efficient, secure, and automated system that could assist in Active Directory management—specifically in the creation and management of users.
The outcome
The implementation of ADManager Plus presented a significant transformation for Penn National Insurance. The introduction of templates revolutionized its approach to user management, helping to prevent over-provisioning and enabling the practice of least privilege access. Despite being in the early stages of adoption, Mahoney expressed his satisfaction, predicting considerable time savings in the future as the company would streamline account creation processes. The process of copying users, previously seen as a significant pain point, would be replaced with the application of templates, allowing the company to automate certain tasks and save valuable time.
One of the primary reasons for choosing ADManager Plus was its intuitiveness and the efficiencies it introduced to the user management process. Even though not all features were used from the get-go, the team at Penn National Insurance identified potential future uses that could further automate processes, such as moving users to different OUs.
Despite some initial roadblocks, mostly on the company's end during setup, the overall experience was deemed positive. The responsive and supportive team at ADManager Plus was a crucial element in ensuring a smooth implementation process, ensuring that all bugs and issues were handled promptly and efficiently. The team at Penn National Insurance even offered some suggestions for further improvement, such as the integration of different systems like Oracle Cloud and its ticketing system. This positive outcome underscores the value and efficiency that ADManager Plus brings to businesses struggling with Active Directory management.
About ADManager Plus
ManageEngine ADManager Plus is a web-based Windows Active Directory management and reporting solution that helps Active Directory administrators and help desk technicians accomplish their day-to-day activities. With an intuitive, easy-to-use interface, ADManager Plus handles a variety of complex tasks, like Active Directory object backup and recovery, user account provisioning, and stale account management, and generates an exhaustive list of Active Directory reports, many of which are essential requirements for satisfying compliance audits. It also helps administrators manage and report on their Exchange Server, Microsoft 365, Google Workspace, and Active Directory environments—all from a single console. For more information about ADManager Plus, visit manageengine.com/ad-manager.