Should the CTO have domain administrator access?

Should a CTO or SVP of technology have domain administrator access? In this identity and access management expert response, learn whose job description should include domain administrator privileges.

David Griffeth

Is it standard for the CTO or SVP of technology to have domain administrator privileges?

This depends on the size of the company; a CTO may have a broad range of responsibilities, which may require elevated...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate Email Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

privileges.

A better way to assess appropriate privileges is to think in terms of job responsibilities. Do the day-to-day responsibilities of the CTO or SVP of technology require domain administrator privileges? If so, it is appropriate; if not, the security manager should limit his or her account privileges to the minimum required to do the job, just as everyone else in the company should.

The CTO should understand the concept of access appropriate to role and limiting account privileges. There should be a process in place to evaluate every privileged account on a periodic basis. In doing this, you take away the subjectivity of the conversation and introduce an objective process based on sound business requirements.

More information:

Is it possible to create multiple root user IDs to prevent root password sharing? Find out more.
Learn how to write a batch file that allows users local admin access for a short time.

This was last published in December 2008

Microsoft plugs 2 zero-days on August Patch Tuesday

Cybercriminals auction off admin credentials for $3,000

U.S. government domain officials to start using 2FA

How a domain-specific language affects configuration management

Unify on-premises and cloud access control with SDP

Get to know cloud-based identity governance capabilities

6 AIOps security use cases to safeguard the cloud

Network capacity planning best practices for return to office

Aruba product integrations advance its SASE strategy

Wi-Fi 6 rollout requires careful review of network devices

CIO role post-pandemic is 'opportunity of a lifetime'

Hybrid care is healthcare's future

Replacing vs. maintaining legacy systems

Apple takes its M1 chip to the iMac, iPad Pro

VMware launches Anywhere Workspace to secure remote workers

Incorporating zero trust into endpoint security

Elastic vs. AWS highlights open source monetization dilemma

How to calculate cloud migration costs before you move

Evaluate Azure CLI vs. PowerShell for resource management

US O-RAN first as DISH and AWS form 5G-cloud strategic collaboration

Five reasons to look at hyper-converged infrastructure

Researchers shed more light on APT29 activity during SolarWinds attack

Related Resources

Dig Deeper on Privileged access management

Microsoft plugs 2 zero-days on August Patch Tuesday

Cybercriminals auction off admin credentials for $3,000

U.S. government domain officials to start using 2FA

How a domain-specific language affects configuration management

Related Q&A from David Griffeth