Topic

Separate privileged operating environments

Applicable to

all

History

Priority

must

Mar 2022

Removed

The security of administrative activities can be improved by segregating administrative infrastructure from an organisation’s wider network. In doing so, the use of a jump server (also known as a jump host or jump box) can be an effective way of simplifying and securing administrative activities. Furthermore, using separate jump servers for the administration of critical servers, high-value servers and regular servers can further assist in protecting these assets.

2015

Agencies must ensure that all administrative infrastructure including, but not limitedto, privileged workstations and jump servers are hardened appropriately as per therecommendations in the Software Security chapter.