Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Current »

What is Group Membership Enforcement?

Group Membership Enforcement is a control for:

  • Policy compliance
  • Regulatory compliance

Group Membership Enforcement is a security control to prevent insider and external abuse. It is a security "Best Practice" to eliminate unnecessary privileged accounts. Although Group Membership Enforcement can be applied to any group, however 98% of the time it is applied to the Administrators Group. Group Membership Enforcement ensures membership to the Administrators Group is enforced at all times.

Before enforcing groups and users, you must first must run the Local User Inventory Policy . Running the policy discovers the resources that you can work with. 

Always Include the Built-In Administrator

Always include the Built-In Administrator Account into the Local Administrator Group!

  • No labels