Another good article in InfoWorld – “How many enterprise admins is too many?” – that is well worth the read. I’ve been doing a lot of reading and talking to customers over the last 6 months or so on the topic of privileged account management and there’s a lot to be worried about in this area. In this article the author gives some good advice on protecting your Windows admin accounts:
- Enterprise admins should not be logged on for surfing the Web, picking up email, or any other task that doesn't require enterprise admin abilities
- All admin user accounts should have long passwords, 15 characters or more – or, even better, they should be protected by smartcards
- Use dedicated admin workstations for domain or enterprise admins
- Use third-party software that helps companies manage elevated accounts
With phishing attacks constantly on the rise it’s a good idea to review what you’re doing with your privileged accounts. The attackers on the outside are getting to be more of a risk than internal attacks. You need to be well locked down for both.
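One way to run that review against the first two points of the advice above, as an added example (not code from the InfoWorld article or this post). It assumes the ActiveDirectory PowerShell module for live collection, treats a populated `mail` attribute as a heuristic for everyday use, and the function names, the `EffectiveMinPasswordLength` property and the sample records are constructed for illustration:

```powershell
# Flags privileged accounts that are mail-enabled, or that neither require a
# smartcard nor fall under a password policy of at least 15 characters.
function Test-PrivilegedAccount {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Account,
        [int] $MinPasswordLength = 15   # threshold taken from the advice above
    )
    process {
        $findings = @()
        # Heuristic: a mailbox on an admin account suggests it is used for daily work.
        if ($Account.mail) { $findings += 'mail-enabled' }
        # Smartcard-enforced accounts do not depend on password length.
        if (-not $Account.SmartcardLogonRequired -and
            $Account.EffectiveMinPasswordLength -lt $MinPasswordLength) {
            $findings += "no smartcard; policy permits passwords under $MinPasswordLength characters"
        }
        [pscustomobject]@{
            SamAccountName = $Account.SamAccountName
            Compliant      = ($findings.Count -eq 0)
            Findings       = $findings -join '; '
        }
    }
}

# Live collection: needs the ActiveDirectory module and rights to read the domain.
function Get-PrivilegedAccount {
    param([string[]] $Group = @('Enterprise Admins', 'Domain Admins'))
    $default = (Get-ADDefaultDomainPasswordPolicy).MinPasswordLength
    $Group | ForEach-Object { Get-ADGroupMember -Identity $_ -Recursive } |
        Where-Object objectClass -eq 'user' |
        Sort-Object -Property distinguishedName -Unique |
        ForEach-Object {
            $u    = Get-ADUser -Identity $_.distinguishedName -Properties mail, SmartcardLogonRequired
            $fgpp = Get-ADUserResultantPasswordPolicy -Identity $u   # empty when no fine-grained policy applies
            $len  = if ($fgpp) { $fgpp.MinPasswordLength } else { $default }
            $u | Add-Member -NotePropertyName EffectiveMinPasswordLength -NotePropertyValue $len -PassThru
        }
}

# Constructed sample records so the checks can be exercised without a domain.
$sample = @(
    [pscustomobject]@{ SamAccountName = 'ea-alice'; mail = $null; SmartcardLogonRequired = $true;  EffectiveMinPasswordLength = 8 }
    [pscustomobject]@{ SamAccountName = 'ea-bob';   mail = 'bob@example.test'; SmartcardLogonRequired = $false; EffectiveMinPasswordLength = 8 }
    [pscustomobject]@{ SamAccountName = 'da-carol'; mail = $null; SmartcardLogonRequired = $false; EffectiveMinPasswordLength = 15 }
)
$sample | Test-PrivilegedAccount | Format-Table -AutoSize
# Against a real domain: Get-PrivilegedAccount | Test-PrivilegedAccount
```

On the sample data only `ea-bob` is reported as non-compliant, with both findings. Active Directory can only show the minimum length the policy enforces, not the length of the password actually set.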