IT professionals, such as system and network administrators, help desk staff, management personnel, and sometimes external vendor representatives, are routinely provided full access to company servers, network devices and data so that they can effectively perform their jobs.

This customizable policy, written by Scott Matteson for TechRepublic Premium, provides guidelines for a company and its IT staff to ensure the appropriate administration of and access to critical systems and confidential data. It also includes procedures to follow and methods for monitoring to make sure that these requirements are consistently met.

• Featured text from the download:

  No staff members, whether inside or outside of IT, should ever share their account information or passwords.

  Administrative rights to systems and access to data should be granted to IT staff on a “least privilege” basis so that they can perform the tasks needed to do their jobs but nothing further.

  IT staff should use their own elevated-privilege accounts to perform administrative tasks so that these activities can be monitored. Avoid using the generic “Administrator” or root accounts for this work.

Boost your IT and business operations with our in-depth seven-page document. This is available for download at just $19. Alternatively, enjoy complimentary access with a Premium annual subscription.

TIME SAVED: Crafting this content required 14 hours of dedicated writing, editing, research, and design.