The hardest part of implementing privileged and non-privileged accounts for administrators is push back from the administrators themselves. They may make statements about two accounts slowing down their work or making them less productive, when in fact they already log into multiple systems a day and some systems may require different login credentials anyway, so one more login will not affect their productivity significantly.
The time and money it could save in dealing with attacks or mistakes made while using an administrator account would be less than a minor inconvenience in the short term that will become second nature in the long term.
They may also say it is impossible to do certain tasks, but that is not an excuse to always use administrative accounts for all activities. In fact, Microsoft introduced the “run as Administrator” option way back in Windows XP. It is still a feature in Windows 10, and it has been expanded upon to increase the protections around Administrator accounts.
Many administrators just want more control of their systems. However, the systems belong to the organization they support and need to be protected in the same way as a server especially since the administrator has direct access to more sensitive components on the network and using the same username and password combination weakens any security that is in place.
The idea of least privilege is not new; it is a requirement of FISMA 800-53a (AC-6) and considered an industry best practice by SANS, US-CERT and the NSA. So don’t delay.
Start moving to the use of non-privileged accounts for all users, not just your standard employees, as soon as possible.
Many of the companies who turn to LBMC for penetration testing also take advantage of one or more of our other information security services—from risk assessments to intrusion detection and prevention. By sharing information across functional areas, we are able to ensure that our testers stay on top of the latest attack techniques, emerging threats, and creative defenses, which improves our assessment and testing techniques and the quality of the resulting threat intelligence we provide to our clients.
To learn more about why we’re your choice for the best penetration testing company, contact us or call 1-844-526-2732.