Edit this page

Collecting Metrics 2.7, 2.7.1, 2.7.2, 2.5

Privileged Network Accounts and Users

Calculator logo

  1. Identify the characteristics that make your agency’s network accounts privileged.

    • See the Definitions section for examples of these characteristics. They are typically groups in Active Directory.

  2. Search for accounts with the values identified in Step 1.

    • See the Tools & Tips section for example searches.

  3. Count the accounts that are assigned to/used by individual people and record number for Metric 2.7.
  4. Now, count the number of accounts that are shared by 2 or more people and record number for Metric 2.7.1.

    • See Definitions section for examples of shared accounts.

  5. Of the accounts identified in Step 4, count the number of unique people with access to these accounts and record number for Metric 2.7.2. You might need to contact the point of contact for the account to research this information.
  6. Of the accounts identified in Step 3, identify the number of users of the accounts. Take care to eliminate duplicates from the count if two accounts are researched and identified to be assigned to the same person. Record this number for Metric 2.5.Recycle logo

Save the result from Metric 2.5 (Step 6)!

You'll use the user information found here again for the next two metrics.