Like most IT organizations, your team may periodically face the “dreaded” task of being audited. Your process for delegating privileged access to desktops, servers, and infrastructure devices is a massive target for the auditor’s microscope. An audit’s findings can have significant implications for technology and business strategy, so it’s critical to make sure you’re prepared when the auditor comes knocking at your door.
So where do you start? Most smart IT leaders know that administrative privileges need to be removed from most users, and well managed for those who do need them. This is, of course, easier said than done, as many applications and OS tasks require administrator privileges to function correctly. Even if you do clear this hurdle, you aren’t necessarily going to pass that audit.
Good auditors know that removing administrator rights represents just a single step in the privileged account management process. While the list of specific audit requirements can seemingly go on forever, four essential practices will ensure that you pass your privilege management audits 99% of the time:
- Discover all accounts that have privileged access regardless of device or platform
- Remove privileged access or change management access to privileged accounts
- Report the “who, what, when and where” behind privileged access
- Monitor all changes executed by privileged users
This whitepaper introduces these practices and describes how BeyondTrust® solutions can help.
1. Discover All Privileged Accounts in Your Environment
Auditors need to be assured that you have a handle on all privileged accounts in your environment. Comprehensive discovery is critical, because if you can’t find privileged accounts, you will never be able to remove or manage them. They can hide anywhere in your environment, including:
- Users in the domain admin group
- Users in the local administrators group
- Users granted root access to UNIX, Linux, or infrastructure
- Service control accounts
- Application administrative accounts including databases
- Passwords encoded in scripts
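A discovery pass over two of the hiding places listed above (root-equivalent access on UNIX/Linux and passwords encoded in scripts) can look like the following. This is an added example, not BeyondTrust code; the sample file contents are constructed, and the privileged group names and the secret-matching pattern are assumptions to adapt per environment.

```python
import re

# Constructed sample inputs standing in for /etc/passwd, /etc/group and a script.
PASSWD = """root:x:0:0:root:/root:/bin/bash
toor:x:0:0:backup root:/root:/bin/sh
svc_backup:x:998:998::/var/lib/backup:/usr/sbin/nologin
alice:x:1001:1001::/home/alice:/bin/bash
"""
GROUP = """root:x:0:
sudo:x:27:alice
wheel:x:10:
users:x:100:alice,bob
"""
SCRIPT = """#!/bin/sh
DB_USER=appadmin
DB_PASSWORD='S3cr3t-constructed'
mysql -u "$DB_USER" -p"$DB_PASSWORD" < dump.sql
"""

PRIV_GROUPS = {"root", "sudo", "wheel", "adm"}  # assumption: varies by distro
# Matches NAME=literal where NAME contains password/passwd/pwd/secret;
# "$" is excluded from the value so variable references are not flagged.
SECRET_RE = re.compile(
    r"(?i)\b(\w*(?:passw(?:or)?d|pwd|secret)\w*)\s*[=:]\s*['\"]?([^\s'\"$]+)")

def uid0_accounts(passwd_text):
    """Every account with UID 0 is root-equivalent, whatever its name."""
    rows = (line.split(":") for line in passwd_text.splitlines())
    return [f[0] for f in rows if len(f) >= 7 and f[2] == "0"]

def privileged_group_members(group_text):
    """Members listed in groups that conventionally grant sudo/root."""
    rows = (line.split(":") for line in group_text.splitlines())
    return {f[0]: f[3].split(",") for f in rows
            if len(f) >= 4 and f[0] in PRIV_GROUPS and f[3]}

def embedded_secrets(script_text):
    """Report (line number, variable name) only; never echo the secret."""
    hits = []
    for n, line in enumerate(script_text.splitlines(), 1):
        m = SECRET_RE.search(line)
        if m:
            hits.append((n, m.group(1)))
    return hits

if __name__ == "__main__":
    print("UID 0 accounts:", uid0_accounts(PASSWD))
    print("Privileged group members:", privileged_group_members(GROUP))
    print("Hard-coded secrets:", embedded_secrets(SCRIPT))
```

The output of such a pass is an inventory for the audit, not proof of completeness: group membership via directory services, sudoers rules, and Windows domain and local administrator groups need their own collectors.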