NCSC Feed: Systems administration architectures

Source URL: https://www.ncsc.gov.uk/guidance/systems-administration-architectures
Source: NCSC Feed
Title: Systems administration architectures

Feedly Summary: There are a number of different architectural models that can be used to design the administration approach for IT systems. This section describes some common approaches and the risks associated with each.

Summary: The text emphasizes the importance of securing end-user devices used for service management, highlighting specific best practices for administrators. It addresses the significant risks to these devices and presents actionable recommendations to mitigate threats.

Detailed Description: The text outlines the critical need to secure end-user devices, especially since they are attractive targets for attackers. Here are the key points and recommendations provided:

– **End User Devices as Targets**: The text establishes that end-user devices are valuable targets for attackers, making their protection a priority.

– **Best Practices for Administrators**:
  – **Separate User Accounts**: Administrators should maintain distinct user accounts for administrative tasks and regular business activities. This reduces the exposure of privileged accounts, thereby minimizing the risk of compromise.
  – **Context Separation**: Administrators should avoid browsing the internet or accessing external emails from the same environment in which they manage systems. This approach helps prevent potential attacks, such as spear-phishing or watering-hole attacks, from compromising administrative privileges.
  – **Strong Authentication**: Administrators should authenticate with strong authentication measures before performing service management functions, so that access is controlled and monitored.

– **Recommendations for Windows Environments**: The text mentions adherence to Microsoft’s guidelines on securing privileged access, suggesting a proven framework for enhancing security in Windows-based systems.

Overall, the guidance presented in this text is essential for security professionals focusing on infrastructure and information security; it aims to preserve the integrity of administrative actions and protect critical systems from attacks.