Four Best Practices for Passing Privileged Account Audits

Like most IT organizations, your team may periodically face the “dreaded” task of being audited. Your process for delegating privileged access to desktops, servers, and infrastructure devices is a massive target for the auditor’s microscope. An audit’s findings can have significant implications on technology and business strategy, so it’s critical to make sure you’re prepared when the auditor comes knocking at your door.

So where do you start? Most smart IT leaders know that administrative privileges need to be removed from most users – and well managed for those who do need them. This of course is easier said than done, as many applications and OS tasks require administrator privileges to correctly function. Even if you do clear this hurdle, you aren’t necessarily going to pass that audit.

Good auditors know that removing administrator rights represents just a single step in the privileged account management process. While the list of specific audit requirements can seemingly go on forever, four essential practices will ensure that you pass your privilege management audits 99% of the time:

1.) Discover all accounts that have privileged access regardless of device or platform
2.) Remove privileged access or change management access to privileged accounts
3.) Report the “who, what, when and where” behind privileged access
4.) Monitor all changes executed by privileged users

Check out our white paper, “Four Best Practices for Passing Privileged Account Audits,” for a deeper dive into each best practice and to learn how BeyondTrust can help.