User account management
User account management is not often considered a security mechanism, but every account on a system represents some level of access, and that access may be the door in for malicious activity. When a system administrator leaves an organization, their user account should be disabled and removed from all systems; failure to undertake this process is negligent. Put another way, it is easier to use an account that is known to have access to a system than to find another method of exploiting that system. Priority for reviewing system accounts should be set in accordance with the system classification and other security policies as applicable.
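An added example (not part of the original text) of the account review described above: it cross-checks a leaver list against each system's account files and orders the findings by system classification. The Linux passwd/shadow formats, host names, user names and classification labels are assumptions, and all sample data is constructed.

```python
from datetime import date

# Constructed sample data. Assumptions: Linux passwd/shadow formats, a
# hypothetical leaver list and hypothetical classification labels.
DEPARTED = {"jsmith", "akhan"}
PRIORITY = {"high": 0, "moderate": 1, "low": 2}
HOSTS = {
    "web02": ("low",
              "akhan:x:1002:1002::/home/akhan:/bin/bash\n",
              "akhan:!$6$s$h:19000:0:99999:7:::\n"),
    "db01": ("high",
             "root:x:0:0::/root:/bin/bash\njsmith:x:1001:1001::/home/jsmith:/bin/bash\n",
             "root:$6$s$h:19000:0:99999:7:::\njsmith:$6$s$h:19000:0:99999:7:::\n"),
    "app03": ("moderate",
              "jsmith:x:1001:1001::/home/jsmith:/bin/bash\n",
              "jsmith:!$6$s$h:19000:0:99999:7::19500:\n"),
}

def parse(text):
    """Return {username: fields} for colon-separated passwd/shadow text."""
    rows = (line.split(":") for line in text.splitlines() if line.strip())
    return {r[0]: r for r in rows}

def state(shadow_row, today):
    """'disabled' if the account has expired, 'password-locked' if only the
    password is locked (key-based logins may still work), else 'active'."""
    days = (today - date(1970, 1, 1)).days
    expire = shadow_row[7] if len(shadow_row) > 7 else ""
    if expire and int(expire) <= days:
        return "disabled"
    if shadow_row[1].startswith(("!", "*")):
        return "password-locked"
    return "active"

def audit(hosts, departed, today):
    """List (host, classification, user, state) for every departed user still
    present on a host, highest classification first."""
    findings = []
    for host, (cls, passwd, shadow) in hosts.items():
        users, shadows = parse(passwd), parse(shadow)
        for user in sorted(departed & users.keys()):
            row = shadows.get(user, [user, ""])  # no shadow entry: treat as active
            findings.append((host, cls, user, state(row, today)))
    return sorted(findings, key=lambda f: (PRIORITY[f[1]], f[0]))

if __name__ == "__main__":
    for finding in audit(HOSTS, DEPARTED, date.today()):
        print(*finding, sep="\t")
```

Accounts reported as "disabled" are still listed because the account remains on the system and has only been disabled, not removed.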
User roles and permissions
An area of constant challenge is properly defining system users and roles to perform required tasks. This is less of an issue for server systems, but a significant issue for end-user systems. In order to install software and perform some system functions, the operating system may require elevated privileges. Instead of leveraging a...