Pau Lo
asked on
controlled usage of admin priveleges
A lot of security standards/best practice guides now often have a section on 'controlled usage of administrative privileges', I just wondered in a predominantly Microsoft/Active Directory based environment (Windows client OS and server OS, and database/web platforms of MSQL, IIS etc), where exactly to would someone start to assess how well we are doing in this area of cyber security. e.g .a break down of specific tests to run over our environment.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
...look at your own processes and procedures. Do you give people enough power to do their jobs, but nothing more? Then you're probably fine. If you give someone full admin privileges when they only need to do backups, you may have room for improvement.
This is not a generic question, and is driven by how you run your network.