Should the CTO have domain administrator access?

Should a CTO or SVP of technology have domain administrator access? In this identity and access management expert response, learn whose job description should include domain administrator privileges.

David Griffeth

Is it standard for the CTO or SVP of technology to have domain administrator privileges?

This depends on the size of the company; a CTO may have a broad range of responsibilities, which may require elevated...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

privileges.

A better way to assess appropriate privileges is to think in terms of job responsibilities. Do the day-to-day responsibilities of the CTO or SVP of technology require domain administrator privileges? If so, it is appropriate; if not, the security manager should limit his or her account privileges to the minimum required to do the job, just as everyone else in the company should.

The CTO should understand the concept of access appropriate to role and limiting account privileges. There should be a process in place to evaluate every privileged account on a periodic basis. In doing this, you take away the subjectivity of the conversation and introduce an objective process based on sound business requirements.

More information:

Is it possible to create multiple root user IDs to prevent root password sharing? Find out more.
Learn how to write a batch file that allows users local admin access for a short time.

This was last published in December 2008

Microsoft plugs 2 zero-days on August Patch Tuesday

Cybercriminals auction off admin credentials for $3,000

U.S. government domain officials to start using 2FA

How a domain-specific language affects configuration management

6 SaaS security best practices to protect applications

Review these 7 CASB vendors to best secure cloud access

CASB explained: Know its use cases before you buy

Considerations for SASE management and troubleshooting

Cisco sweetens Acacia deal by $2 billion

SASE challenges include network security roles, product choice

Parler sues AWS, seeks restraining order

Digital healthcare top priority for CIOs in 2021

C-suite execs give future technology predictions for the decade

Will Windows 10 be the last Windows OS?

CES: Laptops sport designs friendly for remote workers

Evaluate if Windows 10 needs third-party antivirus

COVID-19 and remote work shift cloud predictions for 2021

Cloud providers jockey for 2021 market share

How to build a cloud center of excellence

Private LTE/5G market set to reach £4.2bn in 2024

150,000 records accidentally wiped from police systems

Google Cloud, Nokia accelerate readiness for cloud-native enterprise 5G solutions

Related Resources

Dig Deeper on Privileged access management

Microsoft plugs 2 zero-days on August Patch Tuesday

Cybercriminals auction off admin credentials for $3,000

U.S. government domain officials to start using 2FA

How a domain-specific language affects configuration management

Related Q&A from David Griffeth