Home → Best Practices → Network Security → Server Security
1.3. Server Security
Must Have Practices Hardware should be in a secure location Document who has access to servers Secure access to network & power feeds to servers Patching should be completed for the OS and any installed 3rd party applications Change the default username for the Domain Administrator Account Best Practices Use a separate admin account to administer each server Technology administrators should have a standard user account for day-to-day tasks and a privileged account for administrative functions Use software that rotates passwords on a scheduled basis (Cyberark) Use a password manager Use of multi-factor authentication Run automated tasks/services under a dedicated service account