Case Study

NIST 800-171 3.1.6

Use non-privileged accounts or roles when accessing nonsecurity functions.

The objective of this control is to give every administrator two accounts: a standard, non-privileged account for everyday work such as email, documents and web browsing, and a separate administrative account that is used only for privileged tasks. Everyday work is where phishing and malicious downloads land, and if they land in a session that already has administrative rights the attacker inherits those rights, so keeping the two apart limits what a compromised session can do. The standard account should be built on least privilege and the administrative account should carry only the additional rights the person actually needs.

Describe this separation in your security policy, and make sure that when you audit commands, each administrative account can be tied to the individual who used it. Give privileged accounts an obvious naming convention, for example an "admin" prefix or suffix on the person's username, so elevated accounts stand out in account lists and in logs. Include the creation of both accounts in your onboarding documentation for administrators and IT staff. Doing this consistently lets you retire the generic, shared admin accounts in your environment, and it is what makes the control useful for accountability: you can see who made a change, when they made it, and report on each individual's privileged activity.
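As an added example (not code from Single Point of Contact's post), the Python script below applies the checks described above to a constructed account list and a few constructed sudo log lines. It assumes a hypothetical naming convention in which each privileged account is named `adm-` followed by the owner's standard username; it flags privileged accounts that are shared, that do not follow the convention, or that have no standard account for the same person, and it attributes each privileged command in the log to the individual behind it. The account names, people and log lines are made up for the example.

```python
"""Check that privileged accounts are separate, identifiable and attributable.

Added example for NIST 800-171 3.1.6; the naming convention, account data and
log lines below are constructed for illustration.
"""
import re
from dataclasses import dataclass

# Assumed convention (hypothetical): a privileged account is named
# "adm-" + the owner's standard username, e.g. jdoe -> adm-jdoe.
PRIV_PREFIX = "adm-"

# Generic, shared admin names that should no longer exist once every
# administrator has a personal privileged account.
GENERIC_PRIV_NAMES = {"admin", "administrator", "sysadmin"}

# Command-logging line that sudo sends to syslog:
#   sudo: <account> : TTY=... ; PWD=... ; USER=<target> ; COMMAND=<command>
SUDO_LINE = re.compile(r"sudo:\s+(?P<account>\S+) : .*COMMAND=(?P<command>.*)$")


@dataclass(frozen=True)
class Account:
    name: str
    owner: str          # person the account belongs to; "" for shared accounts
    privileged: bool    # True if the account has admin rights


def audit_accounts(accounts):
    """Return (owner_by_account, findings).

    owner_by_account maps each compliant privileged account to its owner.
    findings lists (account, reason) for accounts that break the separation.
    """
    standard = {a.name: a for a in accounts if not a.privileged}
    owner_by_account = {}
    findings = []
    for acct in accounts:
        if acct.name in GENERIC_PRIV_NAMES:
            findings.append((acct.name, "generic/shared admin account; retire it"))
            continue
        if not acct.privileged:
            if acct.name.startswith(PRIV_PREFIX):
                findings.append((acct.name, "carries the admin prefix but is not privileged"))
            continue
        if not acct.name.startswith(PRIV_PREFIX):
            findings.append((acct.name, f"privileged account not named {PRIV_PREFIX}<username>"))
            continue
        base = standard.get(acct.name[len(PRIV_PREFIX):])
        if base is None or not acct.owner or base.owner != acct.owner:
            findings.append((acct.name, "no standard account for the same person"))
            continue
        owner_by_account[acct.name] = acct.owner
    return owner_by_account, findings


def attribute_commands(log_lines, owner_by_account):
    """Tie each privileged command in sudo log lines to the person who ran it."""
    events = []
    for line in log_lines:
        m = SUDO_LINE.search(line)
        if not m:
            continue  # not a sudo command record (e.g. an sshd line)
        account = m.group("account")
        person = owner_by_account.get(account, "UNATTRIBUTED")
        events.append((account, person, m.group("command").strip()))
    return events


# Constructed sample data: names, people and log lines are invented.
SAMPLE_ACCOUNTS = [
    Account("jdoe", "Jane Doe", privileged=False),
    Account("adm-jdoe", "Jane Doe", privileged=True),   # compliant pair
    Account("bsmith", "Bob Smith", privileged=False),
    Account("bobadmin", "Bob Smith", privileged=True),  # admin, but not identifiable by name
    Account("admin", "", privileged=True),              # shared account, nobody owns it
    Account("adm-kchen", "Kim Chen", privileged=True),  # no standard account to pair with
]

SAMPLE_LOG = [
    "Mar  4 10:02:11 srv1 sudo: adm-jdoe : TTY=pts/0 ; PWD=/home/adm-jdoe ; USER=root ; COMMAND=/usr/sbin/useradd newhire",
    "Mar  4 10:05:43 srv1 sudo:    admin : TTY=pts/1 ; PWD=/root ; USER=root ; COMMAND=/bin/systemctl restart sshd",
    "Mar  4 10:06:10 srv1 sshd[2211]: Accepted publickey for jdoe from 10.0.0.5 port 51022 ssh2",
    "Mar  4 10:09:02 srv1 sudo: bobadmin : TTY=pts/2 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/apt-get install nmap",
]


if __name__ == "__main__":
    owners, findings = audit_accounts(SAMPLE_ACCOUNTS)
    for name, reason in findings:
        print(f"FINDING {name}: {reason}")
    for account, person, command in attribute_commands(SAMPLE_LOG, owners):
        print(f"{account:10} {person:14} {command}")
```

Run as-is it reports `bobadmin`, `admin` and `adm-kchen` as findings and attributes only the `adm-jdoe` command to a person; the shared `admin` account and the misnamed `bobadmin` account show up as unattributed, which is exactly the gap the control is meant to close. On a real system the account list would come from the local user database or a directory export and the log lines from the sudo syslog facility.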

Single Point of Contact was founded in 1999 and is a Managed Security Service Provider in the San Francisco Bay Area. We tailor our IT security services to take into consideration the everyday challenges businesses face. Cybersecurity issues often stem from within an organization, so we take proactive measures to ensure everyone from top to bottom understands the ramifications of a cyberattack. Don't hesitate to contact us to see how we can help better protect your company.
