Windows Tip: When no password can be best
Send
your Windows question to Mitch today! | See
other Windows tips
You've got a room full of business-critical servers. The room has a cardkey
lock that requires pin entry as well. The servers are rack-mounted and are locked
in their respective rackmount enclosures. You usually manage these servers remotely
from a secure workstation in your office, but as a failsafe option you can also
log onto them locally inside the server room if you need to.
For purposes of managing your servers remotely, you need to use administrator-level
accounts. Because the servers are domain-joined, you can use a single Domain
Admins account to manage them, and you assign this password a strong (long and
complex) password to safeguard the account. But each server also has its own
built-in local Administrator account, and you want to make sure that account
is secure too. However, the only time you would use these built-in accounts
would be in a last-ditch situation where you had to go into the server room
and log on interactively to the servers, for example for disaster recovery purposes.
Of the following three choices, which would be the best approach for securing
these built-in Administrator accounts? And which would be the worst approach?
(A) Give each server's Administrator account its own strong password that is
unique to that server.
(B) Give each server's Administrator account the same strong password.
(C) Leave each server's Administrator account blank
The best choice given the above scenario would be C, while the worst would
be B. Why? The best choice is C because from Windows XP onwards, if the password
for an account is blank then you can't use that account to log on over the network.
In other words, by leaving the password blank for each server's local Administrator
account, you are automatically making it impossible to use these accounts to
manage the servers remotely over the network. The only way you can log on with
these accounts is if you have a cardkey, know the pin, and have the key to the
appropriate rack.
This advice may seem counterintuitive -- after all, how can an account with
no password possibly be secure? Well it is in Windows, but only if it's used
over the network. If someone did get physical access to your servers, they could
of course easily log on as Administrator and wreak havoc on your business. Does
that make you nervous? It shouldn't -- you would be better off worrying about
the different ways someone might get hold of a cardkey, obtain the pin, and
get their hands on the keys to your racks.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
