Safe actions
Use a Privileged Access Workstation (PAW) for the following actions:
Action | Notes and Cautions |
---|---|
Isolated use of admin credentials to ensure their integrity | Only type your admin credentials into the PAW; never use them on any other system. Reduce and try to eliminate logging into servers through Remote Desktop Protocol (RDP) and the console with your admin credentials. |
Remote assistance/screen sharing to allow you to work with vendors and remote support assistant | Use the installed web browser and standalone BlueJeans and WebEx clients. Never allow remote control of mouse or keyboard. |
Managing physical server hardware with Dell Remote Access | Use the installed web browser and Dell plugin (ActiveX for Windows systems). |
Remote administration of servers to allow remote server management tasks | Whenever possible, use management techniques that do not place your credentials on the remote server. For Windows servers:
|
Unsafe actions
Do not use a PAW for the following actions:
Action | Notes and Cautions |
---|---|
Using email or webmail | Phishing attacks via email can allow a trusted machine to follow links, download files, or execute files. |
Browsing the web | Only use the web browser to manage servers and applications, not for general web browsing. |
Allowing remote control | Remote control systems such as LogMeIn allow remote entities to access the system. |