Evaluasi Kebijakan Keamanan Active Directory berdasarkan CIS Controls pada PT. XYZ Indonesia

Abstract

Active Directory (AD) plays an important role in identity management and authentication in Windows-based enterprise environments, where security policies applied through Group Policy Objects (GPOs) directly affect system security and operational resilience. This study evaluates Active Directory security policy compliance with CIS Microsoft Windows Server 2022 Benchmark v4.0.0 and maps its implementation to CIS Controls v8. This evaluation focuses on applied GPOs, using direct configuration observation, document analysis, and descriptive evaluation. The results show varying levels of compliance with CIS recommendations, highlighting gaps between operational requirements and secure configuration principles, particularly in access control and script execution policies. These findings indicate that the CIS Benchmark provides a structured and effective framework for evaluating GPO-based security configurations, while the resulting recommendations are expected to support improvements to Active Directory security policies aligned with CIS Controls v8 and enhance the overall security posture of the environment.