1 Reply Latest reply on Nov 23, 2016 8:39 PM by Justin D'Cruze

    Service Accounts as Site Admins:  Just Say No!

    Toby Erkson

      I've had a couple of Site owners that want to use a service account (a.k.a. faceless-account or shared logon) as a Site Administrator.  This way anyone who knows the account can logon and go to town.  Am I the only person who sees the security and accountability danger in this?

      http://cdn.business2community.com/wp-content/uploads/2012/10/tumblr_mbqbe1JeoD1r7ub2p.jpg

      Here's what I recommend to those who want to use a service account as a Site Admin:

      Using a service account is not recommended as it is a security risk.  Give the account Publish rights and/or Project Leader to each Project if you want a “super-user” account.

       

      While that may not be ideal it's still better than Site Admin.

       

      I also like to see only 2 or 3 Site Admins per Site, no more.  Too many admins can bring about inconsistencies and cause issues, particularly around permissioning.  Thought really needs to be given as to why someone should be give Site Admin rights.

      I also recommend that a Site Admin be someone who is not a contractor, that they should be a full-time/permanent employee.  Again, this takes into consideration security and accountability.

       

      So what have some of you done?  What rules do you have for Site Admins...or do you?