[unisog] Defending Administrative Rights policy
Davis,William
William.S.Davis at ColoState.EDU
Wed Sep 26 16:23:02 GMT 2007
I am defending our security policy that limits Administrative Rights to IT staff only and am looking for statistics and comments from other peer
universities on this policy.
If anyone would be willing to share any information with me I would be very grateful.
I am most interested in knowing:
1. Do you permit or deny Administrative Rights to general faculty/staff?
2. What constitutes and exception to this policy?
3. What infections/incidents, or lack thereof, have you experienced?
4. If a security incident occurred, what was the cost as a result?
5. If you permit Admin Rights, what additional security measures did you put in place or depend on?
6. What strategies do you use to enforce a "deny admin rights" policy for higher level administrative positions?
If you prefer, you can reach me off line at William.S.Davis at colostate.edu.
Thanks!
-Bill
***********************************************************************
William S. Davis
Network Security Administrator
SANS security certifications: GSEC,GCIH,GCFW,GCIA
Housing Technology Services
Colorado State University
***********************************************************************
More information about the unisog
mailing list