The Essentials Series: Fulfilling Compliance by Eliminating Administrator Rights

by Greg Shields


The widespread distribution of administrator rights in an IT infrastructure is not only a problem for security. It can also be the source of major findings during a company’s regular compliance audit. Due to issues with application design and intra-office politics, many IT organizations find themselves forced to distribute administrator rights to non-administrative personnel. Yet, this expansion of privileges can result in a drain on resources, an increased level of problems, and ultimately a less secure environment.

Does this describe you? Are you interested in the exact regulations that apply towards administrator rights, as well as ways to fulfill their compliance mandates? Then take a look at The Essentials Series: Fulfilling Compliance by Eliminating Administrator Rights. With a tight focus on specific business verticals, you’ll be impressed at how the right tools solve many of the same problems across each set of compliance mandates.


Article 1: Fulfilling FDCC Compliance by Eliminating Administrator Rights

The federal government's FDCC compliance regulations specifically state what security settings must be set for computers attached to government networks. However, those settings will prevent certain applications from running. Understand how to maintain compliance while retaining application compatibility in this article.

Article 2: Fulfilling Sarbanes-Oxley Compliance by Eliminating Administrator Rights

Virtually all publicly-held companies are required to follow Sarbanes-Oxley regulations. Those regulations require user and administrator logging as well as the elimination of administrator rights. Learn how to fulfill both in this article.

Article 3: Fulfilling PCI Compliance by Eliminating Administrator Rights

PCI compliance is specifically targeted towards companies that handle payment card data, and have very specific requirements for their fulfillment. Eliminating administrator rights through the fulfillment of the concept of Least Privilege will ensure that your applications continue to run as you secure your network and ensure compliance fulfillment.

Article 4: Fulfilling HIPAA Compliance by Eliminating Administrator Rights

If you’re in the health care industry, you know how HIPAA strongly protects electronic personal health information. Yet protecting that information comes at the cost of impacting your users’ abilities to get their job done. With the right tools, you can have both. Learn about those tools in this article.

Article 5: Fulfilling GLBA Compliance by Eliminating Administrator Rights

Of the compliance regulations in place today, GLBA can be considered the least specific. That means it can be the hardest to fulfill. Understand how GLBA compliance and the elimination of administrator rights work towards the same goals in this article.