What About Service Accounts?

As you saw in Chapter 2, and as we spent a lot of time discussing in Chapter 8, "Security Dependencies," service accounts are one of the simplest ways to turn a compromise of one system into a compromise of an entire network. Much of this stems from reuse of service accounts across systems, but we also find that most service accounts are granted privileges they do not need. It is extremely common to run services, just like all applications, as an administrator just because "everything works when we do that." To protect your network, you need to consider what privileges your services really need.

Protect Your Windows Network From Perimeter to Data
Protect Your Windows Network: From Perimeter to Data
ISBN: 0321336437
EAN: 2147483647
Year: 2006
Pages: 219

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net