Review administrative accounts

How many administrative accounts does your organization have that it isn’t necessarily aware of? Do any share passwords?

Cybercriminals are exploiting weak and shared passwords to gain unauthorized access to information and launch ransomware attacks. These takeovers can lead to lost production time and millions of dollars in ransom, recovery and lost productivity.

After a catastrophic security event, some businesses never fully recover. In fact, 60% of small businesses go under within six months of a data breach.

Next steps

  • Make a list of administrative accounts: Take an inventory of the admin accounts on your systems and cloud services, and keep it current.
  • Set up a regular review process for these accounts: At minimum, perform an annual review of who has access to these administrative accounts and determine whether they still need these access levels.
  • Require strong passwords and MFA: Make sure these accounts each have a unique password that follows strong password requirements. Implement multi-factor authentication for all administrative access to add a second layer of security.

  • Monitor all login activity associated with administrative accounts: Investigate any activity that appears out of the norm.
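The steps above can be checked mechanically once the inventory exists. The following is an added example, not Wipfli's own tooling: it audits an inventory for missing MFA and overdue reviews, then compares administrative logins against the inventory to surface accounts nobody listed. The CSV columns, account names and login records are constructed for illustration.

```python
import csv
import io
from datetime import date

# Constructed sample inventory; the column names are assumptions for this example.
INVENTORY_CSV = """account,system,owner,mfa_enabled,last_reviewed
adm-jlee,directory,J. Lee,yes,2025-01-15
root-backup,backup-server,M. Ortiz,no,2022-06-01
cloud-admin,cloud-console,Ops lead,yes,2023-03-10
"""

# Constructed sample of administrative logins: (account, system).
ADMIN_LOGINS = [
    ("adm-jlee", "directory"),
    ("cloud-admin", "cloud-console"),
    ("svc-legacy-admin", "file-server"),  # not present in the inventory
]
REVIEW_INTERVAL_DAYS = 365  # the minimum stated above: an annual review

def load_inventory(text):
    """Parse the inventory CSV into a list of dict rows."""
    return list(csv.DictReader(io.StringIO(text)))

def audit_inventory(rows, today):
    """Return {account: [findings]} for accounts that need attention."""
    findings = {}
    for row in rows:
        issues = []
        if row["mfa_enabled"].strip().lower() != "yes":
            issues.append("MFA not enabled")
        age = (today - date.fromisoformat(row["last_reviewed"])).days
        if age > REVIEW_INTERVAL_DAYS:
            issues.append(f"access review overdue ({age} days)")
        if issues:
            findings[row["account"]] = issues
    return findings

def unlisted_admin_logins(rows, logins):
    """Accounts seen in administrative logins but missing from the inventory."""
    known = {row["account"] for row in rows}
    return sorted({acct for acct, _ in logins if acct not in known})

if __name__ == "__main__":
    inventory = load_inventory(INVENTORY_CSV)
    for account, issues in audit_inventory(inventory, date(2025, 6, 1)).items():
        print(f"{account}: {'; '.join(issues)}")
    for account in unlisted_admin_logins(inventory, ADMIN_LOGINS):
        print(f"{account}: administrative login by account not in inventory")
```

An account that logs in with administrative rights but is absent from the inventory answers the opening question directly: it is an admin account the organization was not aware of.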

SOURCE: WIPFLI