CIS #6: Administrative Privileges
Updated: Sep 17
This month we are looking at Control 6 from the Center for Information Security (CIS) framework, which focuses on managing Administrative Privileges.
These privileges are applied to user accounts, allowing access and control over systems and hardware on the network. While this level of access is necessary for your IT support, in the wrong hands it can be a skeleton key to your network, and more importantly, your data.
CIS 6 aims to ensure these Administrative Privileges stay in the right hands by employing things like::
An up-to-date inventory of all administrative accounts, clearly documenting their purpose and level of access.
The principle of least privilege (POLP) should be rigorously applied. This means granting administrators only the minimum privileges required to perform their tasks.
A regularly reviewed list of all user accounts to ensure that old accounts are removed, and levels of access match current roles.
Multi-factor authentication (MFA) enforced on all admin accounts. This greatly reduces the risk of unauthorized access, even if the password is compromised.
Logging and monitoring activities on administrative accounts. Monitoring suspicious behavior early can lead to the prevention of potential breaches or insider threats.
CIS Control 6 is instrumental in mitigating the inherent risks associated with Administrative Privileges. And by following these practices you can bolster your cyber security defenses and ensure that the keys to your network are stored safely and monitored closely.
If you have questions about CIS Control 6 or your Administrative Privileges, contact your team lead today!