A Novel Approach to Enhancing Active Directory Security in Academic Institutions

Authors : Hafzullah İş

Pages : 394-402

Doi:10.17694/bajece.1567393

View : 51 | Download : 86

Publication Date : 2025-01-07

Article Type : Research Paper

Abstract :This research rigorously investigates the cybersecurity frameworks within academic institutions, emphasizing the pivotal role and security of Active Directory (AD) systems. By conducting an in-depth analysis of AD infrastructures across 12 universities with critical digital environments, this study scrutinizes access control mechanisms, user identity management, and network segmentation strategies. The findings reveal profound security lapses, such as excessive administrative privileges granted to 75% of non-administrative users and the absence of Demilitarized Zones (DMZs) in 80% of the institutions. Additionally, 65% of the institutions exhibited critical vulnerabilities by not integrating public devices, such as printers and laboratory computers, into the AD framework. The study further highlights the escalating threat of cryptolocker and ransomware attacks, which have increasingly targeted institutions, resulting in significant data encryption and operational disruptions. Moreover, challenges related to the deployment and management of advanced cybersecurity solutions, like CrowdStrike, underscore the complexities in maintaining up-to-date defenses. These issues are compounded by frequent update and upgrade failures, adversely impacting AD health and overall network security. This paper delineates strategic recommendations to enhance AD security, supported by empirical evidence showing a 92% improvement in defense against cyber attacks upon implementing these measures. The insights garnered from this study are aimed at fortifying the cybersecurity postures of academic institutions, thereby mitigating the escalating threats in the digital landscape.
Keywords : Active Directory, Cyber Security, Vulnerability, System Analyse, Critical Infrastructures