Role: System Administrator
-
Multi-factor authentication on Servers and Applications
—
by
Utilize multi-factor authentication for remote interactive user and administrator logins
-
System inventory
—
by
Create and maintain an inventory of systems that includes device ownership, contact information, and network configuration.
-
Application inventory
—
by
Create and maintain an application inventory that includes assigned risk classification level, data volume, and users with access.
-
Protect paper documents
—
by
Lock hard copy information records in a file cabinet within a locked office.
-
Physical security of storage
—
by
Restrict physical access to any storage facility that contains physical media with this level of information. Only authorized individuals may have access either through a physical or electronic key.
-
Traveling with Media
—
by
Plan ahead to keep paper research data and forms (e.g., field notes, observations, interviews, informed consents) secure while traveling abroad.
-
Don’t reuse passwords
—
by
Do not reuse passwords for multiple services. Do not use your Kerberos password for non-Kerberos enabled systems.
-
Use strong passwords
—
by
Use strong passwords. Change authentication keys e.g., password, certificate, regularly – at least annually.