Security recommendations for user accounts


  1. IMPLEMENT CENTRAL MANAGEMENT OF USER ACCOUNTS AND AUTHORIZATIONS

    Set a unified security policy as well. Remove extended permissions from accounts where they are not required. At the same time, prevent these accounts from running scripts, installing software, modifying the registry, etc.

  2. SEPARATE ADMIN ACCOUNTS FROM COMMON ACCOUNTS

    Use a unique account for system administration. Use a standard unprivileged account for other activities (e-mail, web, etc.).

  3. ASSIGN EACH ADMINISTRATOR HIS OWN ACCOUNT FOR SYSTEMS ADMINISTRATION

    Do not use shared accounts.

  4. SECURE LOCAL ADMIN ACCOUNTS

    Also, give each of them a unique password on every station. You can use LAPS (Local Administrator Password Solution) in a Windows environment.

  5. ENFORCE THE USE OF STRONG PASSWORDS

    When doing this, take the required complexity, length, and validity period into account. Avoid repeating the same passwords and using dictionary terms. Force a password change if a password is suspected to have been compromised.

  6. CHOOSE SIMPLE DOMAIN NAMES

    This ensures that swapped or look-alike letters in phishing e-mails are clearly visible.
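
A mail-filtering check can back up recommendation 6 by flagging sender domains that only look like the organisation's own. The sketch below is an added example, not part of the agency's recommendations; the domain `example.test`, the small confusables table and the distance threshold of 1 are assumptions, and sender domains are assumed to be already decoded from punycode.

```python
import unicodedata

# Constructed, deliberately small confusables table (assumption: not exhaustive).
SINGLE = {"0": "o", "1": "l", "i": "l", "5": "s",
          "\u0430": "a", "\u0435": "e", "\u043e": "o",  # Cyrillic a, e, o
          "\u0440": "p", "\u0441": "c"}  # Cyrillic er (looks like p), es (looks like c)
MULTI = (("rn", "m"), ("vv", "w"))


def normalise(domain: str) -> str:
    return unicodedata.normalize("NFKC", domain).lower().rstrip(".")


def skeleton(domain: str) -> str:
    """Fold a domain so that visually confusable spellings collide."""
    text = normalise(domain)
    for seq, repl in MULTI:
        text = text.replace(seq, repl)
    return "".join(SINGLE.get(ch, ch) for ch in text)


def edit_distance(a: str, b: str) -> int:
    """Plain Levenshtein distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(sender: str, own: str) -> str:
    """Return 'own', 'lookalike' or 'other' for a sender domain."""
    s, o = normalise(sender), normalise(own)
    if s == o or s.endswith("." + o):
        return "own"
    # Compare only as many trailing labels as the organisation's domain has.
    tail = ".".join(s.split(".")[-len(o.split(".")):])
    if edit_distance(skeleton(tail), skeleton(o)) <= 1:
        return "lookalike"
    return "other"


# Constructed sample: sender domains as they might appear in a mail gateway log.
OWN = "example.test"
SENDERS = ["mail.example.test", "examp1e.test", "exarnple.test",
           "ex\u0430mple.test", "mail.exampl.test", "partner.test"]

if __name__ == "__main__":
    for d in SENDERS:
        print(f"{d!r:28} {classify(d, OWN)}")
```

The shorter and simpler the real domain, the fewer foldings and one-letter edits exist that still pass for it, which keeps both the filter and the human reader effective.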

 

The advice listed is based on recommendations issued by The National Cyber and Information Security Agency.
