The original post: /r/cybersecurity by /u/DesperateForever6607 on 2024-11-21 10:26:10.
Hello everyone,
Our security team recently proposed an idea to improve account security by requiring separate accounts for different functions for the IT team, e.g., one account for daily work, another for email, another for remote VPN, and yet others for firewall or network tasks.
The rationale is to reduce the risk of lateral movement or broader domain access in case an account (like email) gets compromised.
Has anyone else implemented a similar approach?
Would love to hear your thoughts and experiences!