Title

E-mail software installation account usage is not logged. (Cat III impact)

Discussion

E-mail Administrator or application owner accounts are granted more enhanced privileges than non-privileged users. It is especially important to grant access to privileged accounts to only those persons who are qualified and authorized to use them. Each use of the account should be logged to demonstrate this accountability.

Check Content

Procedure: Interview the IAO or E-mail Administator. Verify implementation of logging procedures defined for use of the Exchange 2003 installation account. Criteria: If E-mail software installation account usage is logged, this is not a finding.

Fix Text

Procedure: Develop and implement a logging procedure for use of the Exchange 2003 software installation account that provides accountability to individuals for any actions taken by the account.

Additional Identifiers

Rule ID: SV-20652r1_rule

Vulnerability ID: V-18868

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.