114 INSTALLATION AND OPERATION MANUAL 25-13741-E January 2020 www.eaton.com

APPENDIX

Account Management

Logical access to the system | device should be restricted to legitimate users, who should be assigned only the privileges necessary to complete their job roles/functions. Some of the following best practices may need to be implemented by incorporating them into the organization's written policies:

• Ensure default credentials are changed upon first login. VoCALL 16 should not be deployed in production environments with default credentials, as default credentials are publicly known.
• No account sharing – Each user should be provisioned a unique account instead of sharing accounts and passwords. Security monitoring/logging features in the product are designed based on each user having a unique account. Allowing users to share credentials weakens security.
• Restrict administrative privileges - Attackers seek to gain control of legitimate credentials, especially those for highly privileged accounts. Administrative privileges should be assigned only to accounts specifically designated for administrative duties and not for regular use.
• Leverage the roles / access privileges mentioned in Section 11 to provide tiered access to the users as per the business/operational need. Follow the principle of least privilege (allocate the minimum authority level and access to system resources required for the role).
• Perform periodic account maintenance (remove unused accounts).
• Enforce session time-out after a period of inactivity.

Logging and Event Management

• Eaton recommends logging all relevant system and application events, including all administrative and maintenance activities.
• Logs should be protected from tampering and other risks to their integrity (for example, by restricting permissions to access and modify logs, transmitting logs to a security information and event management system, etc.).
• Ensure that logs are retained for a reasonable and appropriate length of time.
• Review the logs regularly. The frequency of review should be reasonable, taking into account the sensitivity and criticality of the system | device and any data it processes.

Refer to sections 14 and 16 for more information.

Secure Maintenance

Refer to section 16 for more information.