IT administrators and employees are held to a very high standard and it is absolutely critical they stand up for what is right and ethical. IT employees are constantly exposed to sensitive data and information. One important standard or good practice IT professionals should follow and abide by is; “Least Privilege” and “Need to Know.” “Least Privilege” is defines as; IT employees should be granted the minimum amount of access …show more content…
Having employees tell us their password is not illegal, but it is something that both my boss and I are passionate about, and we want to limit the times we receive employee password information. The ideal situation we want to instigate is that employees would never have to give us access to their passwords, we should have them enter their credentials for us once, and then we access their computer and programs. This goes along with the practice of “Least Privilege” we should only have employees give us their passwords and credentials when it is absolutely necessary. My supervisor and I have discussed ways around this because neither of us feel good about getting passwords and credentials from employees on a regular basis, but it is difficult because that is the unwritten standard at my company, and has been for