RE: Securing Service Accounts - Good Practices
- From: "David Tobias" <DTobias@xxxxxxxxxx>
- Date: Wed, 24 Sep 2008 13:54:02 -0700
Thank you all for the valuable feedback. It's been very helpful!
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of J. Oquendo
Sent: Wednesday, September 24, 2008 9:01 AM
To: David Tobias
Cc: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: Securing Service Accounts - Good Practices
On Wed, 24 Sep 2008, David Tobias wrote:
The grand question here is what are the best practices/guidelines when
encountering this type of solution. Do we remove each service account,
one by one, waiting to see what, if anything, fails and then decide
how to give rights to that account? What about in the future, when
creating and securing new accounts...what are the best guidelines and
practices to go by?
Sort of a difficult question to answer provided no one knows
what the environment you're working at is. There could be limitations to
what some will send you in regards to best practices and guidelines for
their industry. E.g., are you in an environment where information has to
be highly compartmentalized?
I suggest beginning by getting in touch with your CISO, CSO and having
an assessment and analysis done. You're missing a large scope in regards
to INFORMATION security - don't let the technological part confuse you.
There can be a large consequence, not to mention financial risk, of
"waiting to see what fails".
http://technet.microsoft.com/en-us/library/cc773365.aspx
An analysis and BIA will identify what needs to be done in the best
fashion from the business side of things first where the risks are
weighed and decisions would be made to promote a healthier, more secure
and robust solution. My two cents.
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, CNDA, CHFI, OSCP
"A good district attorney can indict a ham sandwich if he wants to ...
The accusations harm as much as the convictions ... they're obviously
harmful or it wouldn't be news.." - John Carter
wget -qO - www.infiltrated.net/sig|perl
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB