Will there also be an effect on Active Directory security brought about by new trends in edge computing and the internet of things?
So the rise in edge computing is adding more entry points into an organization's Active Directory that they need to consider. So at Microsoft Ignite this year we heard a lot about edge computing, because organizations are seeing the benefits of collecting all of this data close to the source-- think a blockchain or artificial intelligence and medical operations. But what's really important to understand about all these devices is that they do not come with the same management stack as internal resources. So the manpower and the tools that are used to maintain your decades-long-running mainframes, or to deploy patches out to user laptops, simply don't exist.
And organizations don't have the capacity to maintain thousands of IoT and edge devices that they have. And so devices that should be patched aren't patched. And so what we see is more security holes for things like ransomware, network reconnaissance, and even cryptojacking to come in and steal their compute resources. And patching becomes a rationalization exercise between the disruption to the business for applying the patch and the likelihood of a cybersecurity incident.
What we recommend to our organizations is to authenticate these devices in the cloud with Azure Active Directory, and keep them away from their valuable internal Active Directory data and resources. And they should also apply the same monitoring to these devices as they do with their internal Active Directory.