Safe actions
Use a Privileged Access Workstation (PAW) for the following actions:
| Action | Notes and Cautions |
|---|---|
| Isolated use of admin credentials to ensure their integrity | Only type your admin credentials into the PAW; never use them on any other system. Reduce and try to eliminate logging into servers through Remote Desktop Protocol (RDP) and the console with your admin credentials. |
| Remote assistance/screen sharing to allow you to work with vendors and remote support assistant | Use the installed web browser and standalone BlueJeans and WebEx clients. Never allow remote control of mouse or keyboard. |
| Managing physical server hardware with Dell Remote Access | Use the installed web browser and Dell plugin (ActiveX for Windows systems). |
| Remote administration of servers to allow remote server management tasks | Whenever possible, use management techniques that do not place your credentials on the remote server. For Windows servers:
|
Unsafe actions
Do not use a PAW for the following actions:
| Action | Notes and Cautions |
|---|---|
| Using email or webmail | Phishing attacks via email can allow a trusted machine to follow links, download files, or execute files. |
| Browsing the web | Only use the web browser to manage servers and applications, not for general web browsing. |
| Allowing remote control | Remote control systems such as LogMeIn allow remote entities to access the system. |
