To explore options and implement a solution to better secure ASUrite Window OU-admin privileges.
Our goals are to:
- Create a technology environment supportive of system administration best practices.
- Reduce the exposure to the risks associated with malware on windows machines.
- Reduce the location and number of user identities on individual Windows Workstations.
- Using existing and tested technologies, allow safe system administration.
- Leverage Enterprise facilities for user identity management.
- Allow strong authentication through standardized protocols.
- Allow delegation of permission through membership in group or
role based systems or EDNA controlled services in organizations,
colleges, departments, etc.
- Allow hierarchical grants of authorization to specific organizational units to enable control over machines in that unit.
- Allow and encourage the practice of privilege separation.
- Minimize the risk associated with regular use of administrative permissions.
