Sunday, November 18, 2018
  • DerbyCon 2018, David Boyd’s ‘Just Let Yourself In’
  • XKCD, Kilogram
  • DerbyCon 2018, Chris Sistrunk’s, Krypt3ia’s & SynAckPwn’s ‘WE ARE THE ARTILLERY: Using Google Fu To Take Down The Grids’
  • Beware: New wave of malware spreads via ISO file email attachments
  • Apple and Android updates 17th November 2018

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
    • CISO Conversations
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
Data Security Security Bloggers Network 

Home » Cybersecurity » Data Security » 20 Critical Security Controls: Control 4 – Controlled Use of Administrative Privileges

20 Critical Security Controls: Control 4 – Controlled Use of Administrative Privileges

by Travis Smith on April 26, 2018

Today, I will be going over Control 4 from version 7 of the CIS top 20 Critical Security Controls – Controlled Use of Administrative Privileges. I will go through the nine requirements and offer my thoughts on what I’ve found.

Key Takeaways for Control 4

  • Get this control right. Attackers would love to get their hands on your admin credentials. Control 4 is in the top five for that very reason. Administrative credentials are as valuable than the data you are trying to protect. Provide the level of care with those as you would with your organization’s most sensitive data.
  • Follow best practices. Every compliance framework and hardening benchmark has guidance on handling credentials, not just those of administrators. Look to those for inspiration on what to do in your own environment.
  • Think seriously about two-factor authentication: There is guidance on enabling MFA for administrative users, but why not all users? Not just when accessing the VPN but all the time. There is going to be a cost/resource issue, but we’re well overdue for making this a requirement.

Requirement Listing for Control 4

1. Maintain Inventory of Administrative Accounts

Description: Use automated tools to inventory all administrative accounts, including domain and local accounts, to ensure that only authorized individuals have elevated privileges.

Notes: Attackers are going to go after administrative accounts. With admin access, there’s no need to burn costly zero-days and create a bunch of noise in the environment. Know what the attackers are after so you can create appropriate controls and implement detection mechanisms.

2. Change Default Passwords

Description: Before deploying any new asset, change all default passwords to have values consistent with administrative level accounts.

Notes: Note the fact that all default passwords should be changed with administrative-level password recommendations. Granted, most (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Travis Smith. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/20-critical-security-controls-control-4-controlled-privileges/

April 26, 2018April 26, 2018 Travis Smith Admin privilges, Control 4, IT Security and Data Protection, Security Controls
  • ← Remove Search.searchtsbn.com Redirect
  • Top 5 Developer Jokes Explained … Because We Don’t Get Them Either →
Featured Blog

Secure Code Warrior

Why financial institutions are leading the charge to upskill their developers in secure coding

Secure Code Warrior

Why SQL Injections Are The Cockroaches of the AppSec World (and how CISOs can eradicate them once and for all)

Secure Code Warrior

A Brighter Future For DevSecOps? It’s Closer Than You Think

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Microsoft and Adobe Patch Zero-Day Vulnerabilities
Convergence of Security, Networking Services Accelerates
Juniper Networks: Cryptomining Exploit Targeting Docker Containers
Move Over, Ransomware: Cryptojacking is the New Kid in Town
Hackers Exploit Critical Flaw in WordPress GDPR Compliance Plug-in
Top Cybersecurity Threats & How the WAF Must Evolve to Address Them
SAP Security Notes November ‘18: The Mobile Client Side Menace
Announcing ProtonVPN for iOS – Free and unlimited VPN for iOS
Predictions: AI Fuzzing and Machine Learning Poisoning
Healthcare survey finds abundance of medical device security overconfidence

Upcoming Webinars

Tue 27

2018 Black Hat Hacker Survey Report: What Hackers Really Think About Your Cyber Defenses

November 27 @ 11:00 am - 12:00 pm
Thu 29

Cloud Security: What You Need to Know

November 29 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

Mobile-to-Mainframe: The Definitive Guide to Achieving Compliance

CISO/Security Vendor Relationship Series

CISO/Security Vendor Relationship Podcast

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

6 Best Practices to Make the Most of Your Sandbox Proof of Concept
Analytics & Intelligence Cybersecurity Industry Spotlight Security Boulevard (Original) Threat Intelligence 

6 Best Practices to Make the Most of Your Sandbox Proof of Concept

November 16, 2018 Ralf Hund | 2 days ago 0
Move Over, Ransomware: Cryptojacking is the New Kid in Town
Cybersecurity Endpoint Industry Spotlight Security Boulevard (Original) 

Move Over, Ransomware: Cryptojacking is the New Kid in Town

November 15, 2018 Nick Bilogorskiy | 3 days ago 0
The Top 5 Industries Grappling with Bad Bots
Cybersecurity Industry Spotlight Malware Security Boulevard (Original) 

The Top 5 Industries Grappling with Bad Bots

November 13, 2018 Reid Tatoris | Nov 13 0

Top Stories

Blackberry Acquires Cylance to Apply AI to IoT Cybersecurity
Analytics & Intelligence Cybersecurity Featured IoT & ICS Security News Security Boulevard (Original) Spotlight 

Blackberry Acquires Cylance to Apply AI to IoT Cybersecurity

November 16, 2018 Michael Vizard | 1 day ago 0
Galaxy S9, iPhone X, Xiaomi Mi6 Devices Hacked at Pwn2Own Contest
DevOps Featured Mobile Security News Security Boulevard (Original) Spotlight Vulnerabilities 

Galaxy S9, iPhone X, Xiaomi Mi6 Devices Hacked at Pwn2Own Contest

November 16, 2018 Lucian Constantin | 1 day ago 0
Alert Logic Adds Managed Threat Intelligence Service
Cybersecurity Featured Network Security News Security Boulevard (Original) Spotlight 

Alert Logic Adds Managed Threat Intelligence Service

November 16, 2018 Michael Vizard | 1 day ago 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2018 Mediaops Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.