Skip to main content
Skip table of contents

Administrator Best Practices

Here are some industry-wide best practices we follow:

  • Our administrators use a specific administrator account to perform security-related functions. Since account activity is audited and tracked, this establishes accountability. Administrators use a separate account for everyday account administration activities.
  • Administrators ensure they log out when their task is complete or leave their workstation.
  • Periodically examine the membership of all security groups, especially those who can access sensitive data.
  • Disable access of terminated employees to avoid loss, theft, or unauthorized access.
  • Educate and encourage staff to follow best practices:
    • Disable the web browser "auto-remember" feature.

    • Do not write down passwords.

    • Use complex passwords. A password is considered strong when: 
      • It has eight characters or more with at least one upper and lower case character.
      • It has at least one numeric character.
      • It has at least one punctuation character.
      • It does not contain the names of family members, pets, or birth dates.
      • It is not a common dictionary word.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close