Burdette recommends that companies mandate two-factor authentication for all remote access systems for all employees and business partners and anyone else accessing the networks.
In addition, users should not have local administrator rights, and administrator accounts and other privilege accounts should be audited and monitored.
"Use an account management system to limit the lifetime and usefulness of user credentials," Burdette added.
Where powerful system management tools are concerned, he suggested that companies study the behavior of typical users and learn to differentiate between legitimate and suspicious behaviors.
"It's not feasible to just disable this functionality," he said.
Sign up for Computerworld eNewsletters.