Uncontrolled access issues

SoniaMas · 2017-06-04 19:12:58 UTC

We do have issues with uncontrolled access to administrator accounts and frequent users, What is the best solution to this? We want to prevent damage on critical systems. Are there any solutions that you could suggest?

system · 2017-06-05 17:32:11 UTC

unclebob · 2017-06-06 10:00:55 UTC

If you have uncontrolled access to admin accounts then you have huge issues, admin accounts should be restricted to a few select individuals. I would implement a two stage account access like: their normal username/password then have to enter an access code sent to their phone or email.

SoniaMas · 2017-06-19 08:44:52 UTC

Is this the same solution being referred to by least privilege solutions ? We are actually looking for a tool to intensify data accessibility since we deal with most confidential data and invoices that needs to be retained for at least 5 years.

Our IT system is good as it is, but this has been an observation with our recent external audit which we need to comply with.