SANS Institute - Implementing the Critical Security Control: Controlled Use of Administrative Privileges
There is a plethora of information available to help organizations protect their cyber assets. So much so that it has become difficult for some to know where to begin. The Critical Security Controls from the Center for Internet Security address this issue by prioritizing defenses based on their ability to prevent attacks that are currently being used to compromise networks. In this paper, the author walks through actually implementing Critical Security Control 5: Controlled Use of Administrative Privileges. Capital and personnel resources, the level of effort, project steps and political challenges will all be addressed to help the reader successfully implement this control in their environment.