One of the biggest surprises IT receives during an audit is that their network is basically configured to grant attackers access.

So often, there are active user accounts for users who no longer even work at your organization. Some executives ask, “How did so-and-so break into our network? We fired them months ago!” All the user needed to do was log in.

More often, the executives have administrative level permissions to access everything on the network and, additionally, the executive has a weak password. If an executive demands administrative access to a network, create two user accounts for the executive. One of the accounts is for day-to-day work and the administrative account is only for resetting passwords, deleting users, and whatever else the executive wants to do on occasion.

Any users who have administrative access should not have access to a web browser or to email. Avoid exposing administrative users to those common and dangerous attack vectors.

Please post your comments on this blog.