How Do You Protect Yourself Against Rogue Admins?

Given the recent problems the city of San Francisco has had with a criminal network admin, what have you done to protect yourself from getting into a similar situation? I found an interesting article at TechRepublic that can help you with this problem at

The key take home messages from this article include:

  • Use the principle of least privilege. Restrict network admins to only those resource they actually manage and no more
  • Everyone on the IT team doesn’t need to have access to the domain admin passwords
  • Daily checks of addition to admin-level groups should be performed and compared with previous days’ lists
  • Every admin activity on the network should be logged
  • When a member of the IT team leaves the company, the employee to be escorted to his desk to collect his belongings, badges and keys. However, before that, an account admin should be removing his accounts, by disabling them first and subsequently removing them.



Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting

PROWESS CONSULTING documentation | integration | virtualization
Email: [email protected]
MVP – Forefront Edge Security (ISA/TMG/IAG)

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top