YALE-MSS-9.11: Use administrative and service accounts for their IT function only

Standards Group:
YALE-MSS-9: Authentication and Authorization

Low Risk Endpoint Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Required Moderate Risk Network Printer Required High Risk Network Printer Required

Details

Details and definitions

This standard applies to administrative accounts and service accounts.

Administrative accounts - a username and password that grants an individual privileged access to the IT System. Privileged access is access to make changes to the overall IT System.

Service accounts - special user accounts that an application, service or system uses to interact with the operating system. These types of accounts are typically used for automation.

Controls

YALE-MSS-9.11.1: Adjustment of privileged account permissions should be performed by the provider of the account and never the user of the account or a third-party

YALE-MSS-9.11: Use administrative and service accounts for their IT function only

Standards Group:YALE-MSS-9: Authentication and Authorization

Details

Controls

Standards Group:
YALE-MSS-9: Authentication and Authorization