
	Home > Ask the Security Experts > Identity Management and Access Control Questions & Answers > Should the CTO have domain administrator access?

Ask The Security Expert: Questions & Answers

Should the CTO have domain administrator access?

David Griffeth, past SearchSecurity.com expert

EXPERT RESPONSE FROM: David Griffeth, past SearchSecurity.com expert

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon Toolbar

StumbleUpon

Del.icio.us

>

QUESTION POSED ON: 10 December 2008
Is it standard for the CTO or SVP of technology to have domain administrator privileges?

BROWSE BY TAG

Identity Management and Access Control, Enterprise Identity and Access Management, Enterprise User Provisioning Tools, Identity Management Technology and Strategy, Password Management and Policy, VIEW ALL TAGS

Digg This!

StumbleUpon Toolbar

StumbleUpon

Del.icio.us

RELATED CONTENT

	Identity Management and Access Control
	Is Identity Management as a Service (IDaaS) a good idea?
	How to log in to multiple servers with federated single sign-on (SSO)
	How to confirm the receipt of an email with security protocols
	Learn about enterprise strategy for server virtualization single sign-on
	Employee information security awareness training for new IAM systems
	Can you combine RFID tag technology with GPS to track stolen goods?
	Is there a free enterprise-caliber password-management tool?
	Cryptosystem attacks that do not involve obtaining the decryption key
	Can any firm or organization get a digital signature certificate?
	Does password sharing in international branches violate SOX?

Enterprise User Provisioning Tools

Identity lifecycle management for security and compliance

Content-aware IAM: Uniting user access and data rights

Is Identity Management as a Service (IDaaS) a good idea?

Top tactics for endpoint security

How to edit group policy objects to give a user local admin rights

Privileged account management critical to data security

Making the case for enterprise IAM centralized access control

Lesson 3: How to implement secure access

Best practices for a privileged access policy to secure user accounts

Risk management must include physical-logical security convergence

Password Management and Policy

Two-factor authentication, vigilance foil password theft

Group to shed light on secure identity management threats

Brute force attacks target Yahoo email accounts

Best Identity and Access Management Products

Privileged account management critical to data security

Making the case for enterprise IAM centralized access control

How to prevent brute force webmail attacks

Best practices for a privileged access policy to secure user accounts

Mature SIMs do more than log aggregation and correlation

PCI compliance requirement 2: Defaults

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

AAA server (SearchSecurity.com)

authentication, authorization, and accounting (SearchSecurity.com)

federated identity management (SearchSecurity.com)

logon (SearchSecurity.com)

password synchronization (SearchSecurity.com)

RADIUS (SearchSecurity.com)

role mining (SearchSecurity.com)

user profile (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

This depends on the size of the company; a CTO may have a broad range of responsibilities, which may require elevated privileges.

A better way to assess appropriate privileges is to think in terms of job responsibilities. Do the day-to-day responsibilities of the CTO or SVP of technology require domain administrator privileges? If so, it is appropriate; if not, the security manager should limit his or her account privileges to the minimum required to do the job, just as everyone else in the company should.

The CTO should understand the concept of access appropriate to role and limiting account privileges. There should be a process in place to evaluate every privileged account on a periodic basis. In doing this, you take away the subjectivity of the conversation and introduce an objective process based on sound business requirements.

More information:

Is it possible to create multiple root user IDs to prevent root password sharing? Find out more.
Learn how to write a batch file that allows users local admin access for a short time.

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business

TechTarget Security Media

Information Security

View this month\\'s issue and subscribe today.

Information Security Decisions

Apply online for free conference admission.

SearchSecurity.com

SEARCH :

Site Index

Powered by:

About Us | Contact Us | For Advertisers | For Business Partners | Site Index | RSS

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy