In this section, we will address information security best practices as they relate to both the server and workstations.
User account management is critically important in a well-managed and secure enterprise information environment. It is important that you develop strong information security policies related to user accounts and their management, and develop mechanisms to audit your information system to ensure that your organization's policies are being followed.
Not everyone in your organization has administrator privileges on your information systems. The creation and assignment of administrative rights to your organization's team members should be carefully considered and given to only the people that need to have the permissions. When creating these accounts, bear in mind the following guidelines:
- Accounts with global impact, such as enterprise admins and domain admins, should be given to very few individuals...