At Concordia University, St. Paul, we have worked hard over the last five years to reduce our organizational risk. As we continue to embrace technology in our daily operations, it is crucial that we prioritize cybersecurity best practices, particularly when it comes to administrative accounts for software applications.

In line with the NIST framework recommendations, we urge all departments to adopt the following best practices for administrative accounts:

·Named Accounts over Generic Accounts: Utilize named accounts for individual administrators rather than relying on generic or shared accounts. This practice enhances accountability and enables better monitoring of administrative activities.

·Routine Password Changes: Implement a routine requiring regular administrative account password changes. Strong, unique passwords are the first line of defense against unauthorized access.

·Multi-Factor Authentication (MFA): Enable MFA for all administrative accounts that support this feature. MFA adds an extra layer of security by requiring multiple forms of authentication, making it significantly harder for attackers to gain access.

By adhering to these best practices, we can collectively fortify our digital defenses and safeguard the sensitive data and systems that power our institution. Remember, cybersecurity is a shared responsibility, and every individual plays a crucial role in protecting our digital assets.

If you need assistance or have any questions about technology best practices around accounts that you administer, please contact the IT department starting with the Help Desk at [email protected].