UserLock 13.0 Fortifies Active Directory for the Hybrid Era

BIDART, France – December 03, 2025 – In a technology landscape dominated by cloud-native solutions, IS Decisions today reaffirmed its commitment to the foundational infrastructure of enterprise IT with the launch of UserLock 13.0. The major update to its identity and access management (IAM) solution is purpose-built to secure on-premises and hybrid Active Directory (AD) environments, a component that remains critical for a vast majority of organizations worldwide.

The new release introduces a fully redesigned user interface, stronger security capabilities including certificate-based authentication, and new tools for extending control to remote machines, all while championing the principle of data sovereignty. The update aims to make securing legacy identity systems simpler and more effective, directly addressing the real-world challenges faced by IT teams managing hybrid environments.

"It's an unsexy thing for a tech founder to say, but most of the world still runs on Active Directory," said François Amigorena, CEO and Founder of IS Decisions. "UserLock 13.0 is about making that reality easier to secure. Helping IT teams protect the identities they already rely on, without disrupting the systems that keep business running. This update is a direct result of our 25-year mission: to listen to the Active Directory community and deliver pragmatic security for the identity infrastructure the world runs on."

Modernizing Security for Legacy Systems

While industry conversations often gravitate towards complete cloud migration, the reality for most organizations is a complex hybrid model where on-premises Active Directory remains the authoritative identity source. This infrastructure, however, is a prime target for cyberattacks, and securing it against modern threats without a complete overhaul is a significant challenge for IT administrators. UserLock 13.0 tackles this head-on by introducing advanced security features that can be layered onto existing environments.

A key enhancement is the introduction of certificate-based authentication. UserLock's single sign-on (SSO) can now validate user certificates from an organization's trusted Certificate Authority, adding a robust layer of verification aligned with zero-trust principles. For remote access, UserLock Anywhere now supports machine certificate authentication, providing a more secure, modern alternative to the often-vulnerable NTLM protocol. These additions allow organizations to significantly harden their identity verification processes without abandoning their core AD infrastructure.

This approach directly counters the narrative that legacy systems cannot be adequately secured, offering a pragmatic path for organizations to enhance their security posture in an evolutionary, rather than revolutionary, manner. By strengthening the core, IS Decisions enables businesses to protect their most critical assets while navigating their unique journey to the cloud at their own pace.

Championing Data Sovereignty and On-Premises Control

In an era of increasing data privacy regulations like GDPR and CCPA, the issue of data sovereignty has become a critical boardroom concern. Many cloud-based identity solutions require authentication data to be processed and stored by third-party services, creating potential compliance risks and expanding the organization's attack surface. IS Decisions is positioning UserLock 13.0 as a powerful alternative for organizations that prioritize control over their sensitive data.

The solution is designed for on-premises deployment, ensuring that all authentication data remains within the organization's own environment. This gives companies full control and autonomy over their identity infrastructure, minimizing exposure to external threats and simplifying adherence to stringent compliance mandates. This commitment to on-premises control is a strategic differentiator in a market pushing aggressively towards the cloud.

"For many organizations, hybrid identity is here to stay," commented Christopher Bunn, General Director at IS Decisions. "But teams don't need to rebuild everything to be secure. They need tools that make what they already have simpler, clearer, and more resilient."

This philosophy resonates particularly well in highly regulated sectors such as finance, government, and healthcare, where maintaining direct control over identity and access logs is not just a preference but a legal necessity. UserLock 13.0 provides these organizations with a clear path to modern IAM capabilities without compromising on their data governance requirements.

A New Standard for Usability and Visibility

Beyond the security enhancements, UserLock 13.0 delivers a fundamental redesign focused on simplifying the day-to-day work of IT administrators. The new interface is structured to reflect administrative workflows, placing critical information front and center and reducing unnecessary noise. Dedicated pages for users, groups, organizational units, and machines provide a clearer, more intuitive view of the Active Directory environment directly within the console. This enhanced visibility helps prevent common configuration errors and makes it easier to spot and close potential security gaps.

To further streamline operations, a new step-by-step policy wizard guides administrators through the process of creating access rules. With inline explanations for each option, the wizard makes configuration faster and more reliable, ensuring that even complex policies are implemented correctly. For auditing and troubleshooting, a new Admin Actions panel provides a real-time, immutable log of every operation performed within UserLock, offering complete traceability and accountability.

These usability improvements are not merely cosmetic; they are designed to make robust Active Directory security accessible to a wider range of IT professionals, including those in small to medium-sized businesses (SMBs) who may not have specialized security teams. By lowering the complexity, IS Decisions empowers more organizations to effectively manage and protect their identities.

Extending Control Beyond the Firewall

Recognizing the permanence of remote and hybrid work, UserLock 13.0 also introduces the UserLock Anywhere Cloud. Currently in beta, this new feature allows administrators to enforce and maintain UserLock policies on off-LAN machines without requiring a traditional VPN connection or complex IIS configurations. It utilizes an encrypted, outbound-only connection to an Azure-hosted relay managed by IS Decisions, ensuring that security policies remain active no matter where the user is located.

This capability closes a critical gap in managing a distributed workforce, providing continuous visibility and control over user sessions that occur outside the corporate network. The decision to release it in beta underscores the company's commitment to developing features in collaboration with its user community, ensuring the final product meets real-world needs. UserLock 13.0 is available immediately as a free upgrade for all customers with an active subscription, reinforcing the company's focus on delivering continuous value to its established user base.