Screen Reader Mode Icon
What Account Management Means:

The processes and tools used to create, assign, manage, and revoke access credentials and privileges for user, administrator, and service accounts for enterprise assets and software. Does your organization…

Question Title

* 1. Establish and maintain an inventory of all accounts managed in the enterprise. The inventory must include both user and administrator accounts. The inventory, at a minimum, should contain the person’s name, username, start/stop dates, and department. Validate that all active accounts are authorized, on a recurring schedule at a minimum quarterly, or more frequently.

Question Title

* 2. Establish and maintain an inventory of all accounts managed in the enterprise. The inventory must include both user and administrator accounts. The inventory, at a minimum, should contain the person’s name, username, start/stop dates, and department. Validate that all active accounts are authorized, on a recurring schedule at a minimum quarterly, or more frequently.

Question Title

* 3. Use unique passwords for all enterprise assets. Best practice implementation includes, at a minimum, an 8-character password for accounts using MFA and a 14-character password for accounts not using MFA.

Question Title

* 4. Delete or disable any dormant accounts after a period of 45 days of inactivity, where supported.

Question Title

* 5. Restrict administrator privileges to dedicated administrator accounts on enterprise assets. Conduct general computing activities, such as internet browsing, email, and productivity suite use, from the user’s primary, non-privileged account.

Question Title

* 6. Establish and maintain an inventory of service accounts. The inventory, at a minimum, must contain department owner, review date, and purpose. Perform service account reviews to validate that all active accounts are authorized, on a recurring schedule at a minimum quarterly, or more frequently.

Question Title

* 7. Centralize account management through a directory or identity service.

0 of 7 answered
 

T