Advantage encourages the control of staff accounts from a centralized system to both simplify IT support needs and give greater control to limit the impact of staff transitions. We also recommend the following items by default for all clients.
- Staff On-boarding and Off-boarding procedures
- User Controls that include the following settings
- Inactivity Lockout
- Firewall Enabled
- Password Policy documented and given to all staff requiring the following
- Minimum 8 characters (preferably longer)
- Password not used for other accounts
- Does not include any publicly available information about the staff person or company (i.e. names, dates, etc.)
- Requirement never to share password with anyone, including IT
- Use a password manager system or app
- Administrative policies that include
- Setup of all users as standard users (no admin privileges)
- Tools to allow specific staff or all staff to be trained on how to use a local admin in specific situations
- (optional) Logging of activity for users and admin accounts
- Two Factor Authentication (2FA)
- This additional security layer makes it harder for hackers to break into your accounts.
- Two-factor authentication works by adding an additional login step after username and password to prevent someone from logging in even if they have access to your password
- Eliminate unnecessary local administrator privileges and ensure that all human users and non-human users only have the privileges necessary to perform their work.
- Tools to allow specific staff or all staff to be trained on how to use a local admin in specific situations
- (optional) Logging of activity for users and admin accounts
Back to Business Security