Administrator Best Practices
Here are some industry-wide best practices we follow:
- Our administrators use a specific administrator account to perform security-related functions. Since account activity is audited and tracked, this establishes accountability. Administrators use a separate account for everyday account administration activities.
- Administrators ensure they log out when their task is complete or when they leave their workstation.
- Periodically examine the membership of all security groups, especially groups that can access sensitive data.
- Disable access for terminated employees to avoid loss, theft, or unauthorized access.
- Educate and encourage staff to follow best practices:
  - Disable the web browser "auto-remember" feature.
  - Do not write down passwords.
  - Use complex passwords. A password is considered strong when:
    - It has eight characters or more with at least one uppercase and one lowercase character.
    - It has at least one numeric character.
    - It has at least one punctuation character.
    - It does not contain the names of family members, pets, or birth dates.
    - It is not a common dictionary word.
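
The strength criteria above expressed as a checker; this is an added example, not code from the original page. The word list, the `personal_terms` parameter and the function name are assumptions, and the dictionary test goes slightly beyond the stated rule by also catching a common word that has only been decorated with digits or punctuation.

```python
import re
import string

# Constructed sample list (assumption): a real deployment would load a full
# dictionary or breached-password list instead of these five words.
COMMON_WORDS = {"password", "welcome", "dragon", "sunshine", "football"}


def password_violations(password, personal_terms=()):
    """Return the strength rules from the list above that `password` breaks.

    personal_terms: names of family members, pets, or birth dates known for
    the user (hypothetical input; supplied by the caller).
    """
    problems = []
    lowered = password.lower()

    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not any(c.isupper() for c in password):
        problems.append("no upper case character")
    if not any(c.islower() for c in password):
        problems.append("no lower case character")
    if not any(c.isdigit() for c in password):
        problems.append("no numeric character")
    if not any(c in string.punctuation for c in password):
        problems.append("no punctuation character")

    # Case-insensitive substring match, so "Rex" is caught inside "rex2015!".
    if any(t and t.lower() in lowered for t in personal_terms):
        problems.append("contains a personal name or date")

    # "Password1!" meets every character rule but is still a dictionary word
    # with decoration, so strip leading/trailing non-letters before the lookup.
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    if core in COMMON_WORDS:
        problems.append("common dictionary word")

    return problems


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for candidate in ("Password1!", "Rex2015!xq", "t7#Kw!zq9Lm"):
        print(candidate, password_violations(candidate, ["Rex", "2015"]))
```

An empty list means the password satisfies every listed criterion against the supplied word list and personal terms.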