By: Dan Bremner
I had a conversation with a client recently about Active Directory, and why it was a good idea, even for very small businesses. Like many business owners, my client had heard of Active Directory, but wasn’t really sure what it is.
Without getting into too much technical detail, Active Directory is a basically a list of the computers and people in an organization that all the computers share. It means each computer doesn’t need its own list, because they delegate the responsibility for authenticating users and setting permissions to a central location. In simple terms, it means that we can enter a user account once, and all the computers on the network know about that user, and know what things that user is and isn’t allowed to do. Without it, we would have to create that user account on every computer in the network.
Active Directory certainly isn’t a new technology, having been introduced by Microsoft in Windows 2000 (and built on LDAP and other technologies that are even older). However, if you don’t live and breathe technology every day, you may not realize all the good stuff that comes from having Active Directory as the framework for your computer network.
I’ve been asked, “When is a business large enough that they should use Active Directory?” With the ascendance of “the cloud” in recent years, there is also a school of thought that servers in the traditional sense aren’t needed anymore. I would answer that the foundation of Active Directory is still important for any business, and an inexpensive server like Windows Server Essentials is often the most cost-effective way to do it for the smallest businesses. (Although there are cloud options, too, including Microsoft’s Azure Active Directory.)
I’m going to turn that question around and say, “When is a business too small to use Active Directory?” My answer would be that a business with only a single owner/employee who does everything, and who doesn’t plan to hire anyone else, probably doesn’t need it. For just about everyone else, AD has benefits that make it worth considering. It’s part of the foundation that lets you build a scalable business.
Here are a few of the benefits of Active Directory for small businesses:
- Single sign-on. Log into your computer and have access to all the resources you need on the network.
- Permission schemes using Security Groups so things don’t have to be re-engineered when you add or remove employees.
- Group Policy is an extremely powerful tool that can set standards for security, permissions, passwords, standardize appearance, install software, and connect to printers, all based on Active Directory attributes.
- End-user PCs can be logged on by any user, which makes replacing, or restoring PCs take much less time, and enables employees to use another computer in a pinch.
- For compliance with standards such as PCI-DSS and HIPAA, Active Directory makes it possible to ensure that required policies are enforced across the network.
- Security auditing, if needed, is far easier with centralized authentication.
- If someone leaves, or changes roles, there is one place to change their security settings, and it takes effect on all computers.
Active Directory may not be sexy technology, but it’s a solid tool for businesses that are serious about growing and scaling their operations.