Managing Elevated Privileges in the Enterprise Environment

Presented at NolaCon 2015, June 12, 2015, 2 p.m. (Unknown duration)

I'm sure that we've all experienced the chaos that a user with Administrative privileges can cause. Preventing or limiting damage, regardless of the severity, is paramount to the continued long-term survival of any organization. In this talk, I will identify some of the challenges that you are likely to face from your user community when implementing least privilege. I will also demonstrate how to identify and eliminate some types of application dependencies on privilege requirements. In a culmination of these ideas, I will show one method currently being used to automate the management and tracking of elevated privileges in a real-world environment through a variety of tools and scripts. The benefits of removing Administrative privileges far outweigh the risks, but a complete analysis of the environment and discovery of dependencies needs to be performed to help facilitate the planning and preparation of the deployment.


  • Erik Burgess
    Erik has been working in the Information Technology industry for the past twenty years, while primarily focusing on security for the past ten years. He has a diverse background, which includes work in a variety of industries and the Government sectors, which have all contributed to his vast knowledge and skill sets. Erik has a CISSP, some other certifications, and a Masters of Science in Information Assurance.


Similar Presentations: