Customizable reports of all the users and computers in your directory are essential for maintaining a secure and compliant IT environment. Industry compliance frameworks like PCI require proof that any user accounts inactive for 90 days are consistently removed. Left stagnant, these accounts can be vulnerable to cyberattacks. They also clutter your directory, making it cumbersome to keep track of users and systems for asset management purposes.
With a directory users and computers report, you can easily identify and remove inactive accounts and demonstrate whether the information in your user database is current. This is one crucial step in proving that your team has secure, centralized control over the users and systems in your environment.
Let’s take a closer look at some of the parameters you’ll want to include in this type of report, along with some considerations for how to pull it. We’ll look at one approach using Active Directory®, as well as a more modern solution.
Users and Computers Report Parameters
When creating a directory users and computers report, you’ll want to retrieve more than just a basic list of directory objects. Here are some of the additional properties you may want to pull, and how to use each of them:
- Inventory of local user accounts on each system and their last logon times — ensure that accounts from deprovisioned users are non-destructively deleted at the system level and the directory level.
- OS version and installed patches — demonstrate that each computer meets security baselines and patch any weak links in the environment.
- Installed programs, applications, and browser extensions — confirm that installed software meets company guidelines does not create a security risk.
- System hardware configurations and usage (memory, storage, CPU) — troubleshoot hardware performance issues and prevent them through proactive asset management.
- Systems’ network connections — show proper network segmentation for critical proprietary operations.
- Disk encryption status — view the FDE status of each machine’s storage volumes to ensure that (Read more…)