Microsoft’s Active Directory (AD), the most dominant directory service for handling logins and other administrative functions on Windows networks has been a godsend for many IT administrators looking for a one-stop-shop to handle the Identity Access Management (IAM) functions within their organizations. And while AD works great for the core critical function of issuing the basic access to systems, it is often insufficient when it comes to truly securing the entire spectrum of user access including privileged access and edge cases such as contractors and vendors. This is why entire niche industries such as Identity Governance Administration (IGA), Privileged Access Management (PAM), and Vendor Privileged Access Management (VPAM) have sprung up to fill these holes.

Read more at – Active Directory is not the silver bullet for IAM best practices