Table of contents exchange of letters with the minister executive summary


RECOMMENDATION #5: PRIVILEGED ADMINISTRATOR



Download 5.91 Mb.
View original pdf
Page181/329
Date27.11.2023
Size5.91 Mb.
#62728
1   ...   177   178   179   180   181   182   183   184   ...   329
Report of the COI into the Cyber Attack on SingHealth 10 Jan 2019
40
RECOMMENDATION #5: PRIVILEGED ADMINISTRATOR
ACCOUNTS MUST BE SUBJECT TO TIGHTER CONTROL AND GREATER
MONITORING ........................................................................................................ 298
40.1
Inventory of administrative accounts should be created to facilitate rationalisation of such accounts ................................................................... 299 All administrators must use two-factor authentication when performing administrative tasks. 300 Use of passphrases instead of passwords should be considered to reduce risk of accounts being compromised .................................................................. 303 Password policies must be implemented and enforced across both domain and local accounts ........................................................................................ 306 Server local administrator accounts must be centrally managed across the IT network ........................................................................................................ 306


COI Report – Part VII
Page 216 of 425

40.5.1
Establish clear policies in relation to the use and management of server local
administrator accounts ................................................................................... 307
40.5.2
Access to server local administrator accounts should be made available on a
needs-only basis .............................................................................................. 308 Service accounts with high privileges must be managed and controlled ..... 309
40.6.1
Establish clear policies in relation to the use and management of service
accounts .......................................................................................................... 310
40.6.2
Create and maintain an inventory of service accounts, and disable accounts
which are unnecessary. 312

Download 5.91 Mb.

Share with your friends:
1   ...   177   178   179   180   181   182   183   184   ...   329



The database is protected by copyright ©ininet.org 2024
send message
    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
same time
west coast
united kingdom
united nations
total amount
full range
highest level
soviet union
european union
national academy