Charles Edge

Who Needs Access to Administrator Accounts?

Updated: May 10, 2023



Many administrative accounts in organizations have the ability to make sweeping changes to a company's entire IT infrastructure, including installing software, changing security settings, and accessing sensitive data. As such, it is important to carefully consider who needs access to these accounts.


It is best to practice the principle of least privilege. In short, this means that each person should have as little access as possible to do their job. Only employees who need to make changes to IT infrastructure should have access to administrator accounts or have administrative privileges. This includes IT staff, such as system administrators and network engineers, as well as other employees who need to make occasional changes, such as the IT help desk.


It is important to note that not all IT staff need access to all administrator accounts. For example, a system administrator may only need access to the accounts that control the servers, while a network engineer may only need access to the accounts that control the network.


It is also important to limit the amount of time that employees have access to administrator accounts. Employees should only have access to these accounts when they need to make a change, and they should revoke their access as soon as they are finished.


Finally, it is important to use strong passwords and multi-factor authentication for administrator accounts. This will help to protect these accounts from unauthorized access.

Here are some additional tips for managing administrator accounts:

  • Create a separate administrator account for each employee. This will make it easier to track who has access to what, and it will also make it easier to revoke access if an employee leaves the company or is terminated.

  • Use strong passwords and multi-factor authentication for all administrator accounts. This will help to protect these accounts from unauthorized access.

  • Require employees to change their administrator account passwords regularly. This will help to keep these accounts secure.

  • Monitor administrator account activity closely. This will help you to identify any suspicious activity, such as unauthorized access or changes to system settings.

  • Have a plan in place for responding to security incidents involving administrator accounts. This will help you to minimize the damage caused by an incident.

  • Consider a DevOps mindset when it comes to IT infrastructure: changes are made programmatically and only with approval from a second or third person. This is often reserved for those with advanced technical knowledge, often meaning organizations with larger IT teams.

It's also best for employees to use their own accounts rather than those that are shared, such as accounts called administrator or root that are installed by default. Giving a user administrative access provides an audit trail for actions taken and a level of non-repudiation for those who couldn't have accessed an asset they didn't have the ability to manage. This provides an organization with the ability to determine if any individual took specific actions like sending an email, disabling a security protection, approving a change, or viewing personally identifiable information. This can be a little more challenging, although storing credentials in a password vault like Secret Chest can add a level of telemetry, provided the password was entered in such a way that a user couldn't have stored the credential out-of-band (e.g. writing it down or taking a screenshot). To do this, consider having long, auto-generated passwords that are immediately put into a tool like Secret Chest and set with at least two people present, so each would see if the other was documenting it.
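One way to check an inventory of administrator accounts against the practices above, as an added example that is not part of the original post. The record fields, the 90-day password age, the finding labels and the sample inventory are all assumptions made for illustration:

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Policy values are assumptions for this example, not taken from the article.
SHARED_NAMES = {"administrator", "admin", "root"}
MAX_PASSWORD_AGE = timedelta(days=90)

@dataclass
class Grant:
    account: str                 # administrator account name
    owner: Optional[str]         # the single employee it belongs to, if any
    scope: str                   # what the account controls
    job_scope: Optional[str]     # what the owner's job requires
    mfa: bool
    expires: Optional[datetime]  # when the privilege is due to be revoked
    password_set: datetime

def audit(grants, now):
    """Return {account: [findings]} for every grant that breaks a rule."""
    report = {}
    for g in grants:
        findings = []
        if g.owner is None or g.account.lower() in SHARED_NAMES:
            findings.append("shared-or-default-account")
        elif g.scope != g.job_scope:
            findings.append("scope-mismatch")
        if g.expires is None:
            findings.append("standing-access")
        elif g.expires <= now:
            findings.append("access-not-revoked")
        if not g.mfa:
            findings.append("no-mfa")
        if now - g.password_set > MAX_PASSWORD_AGE:
            findings.append("stale-password")
        if findings:
            report[g.account] = findings
    return report

# Constructed sample inventory; every name and date here is made up.
NOW = datetime(2023, 5, 10, 12, 0)
INVENTORY = [
    Grant("root", None, "servers", None, False, None, datetime(2022, 1, 5)),
    Grant("adm-jlee", "jlee", "servers", "servers", True,
          NOW + timedelta(hours=2), datetime(2023, 4, 1)),
    Grant("adm-mro", "mro", "servers", "network", True,
          NOW - timedelta(days=3), datetime(2023, 3, 20)),
]
```

Calling `audit(INVENTORY, NOW)` lists only the accounts that break a rule, so a compliant, time-limited personal admin account such as `adm-jlee` does not appear in the report.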


By following these tips, you can help to protect your company's IT infrastructure and sensitive data and provide a written trail of when any privileges are escalated.
