Segregation of Administrative Infrastructure for Server Security
Keep management systems for different types of servers separate to ensure better security.
Plain language
This control is about keeping the management systems for different types of servers, like your critical business systems and everyday servers, separate. This matters because if these systems are compromised, it could disrupt your business operations or expose sensitive information. By isolating administration setups, you reduce the risk of a security issue spreading across all your servers.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
NC, OS, P, S, TS
ISM last updated
Feb 2022
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Guideline
Guidelines for system management
Section
System administration
Official control statement
Administrative infrastructure for critical servers, high-value servers and regular servers is segregated from each other.
Why it matters
If admin infrastructure is not segregated, compromise of lower-tier admin systems could pivot into critical server administration and enable outages or data theft.
Operational notes
Segregate admin networks, jump hosts and accounts by server tier (critical/high-value/regular); block cross-tier access and routinely review firewall rules and admin group membership.
Implementation tips
- The IT manager should categorise all servers into groups like critical, high-value, and regular servers, based on their importance and the sensitivity of the data they handle. This helps determine which servers need stricter control setups and ensures resources are allocated appropriately.
- Network administrators need to set up separate management networks for each server category. This can be done by creating distinct network zones that do not interact, ensuring that if one section is compromised, the others remain safe.
- System administrators should use different login accounts and passwords for each server type. They can achieve this by maintaining separate administrative credentials for critical and regular servers, which reduces the risk of a compromised account affecting multiple systems.
- The HR department should ensure that staff have appropriate access levels when joining or changing roles. They should regularly review who has administrative rights to each type of server and adjust these rights as necessary to prevent unnecessary access.
- The IT team should install monitoring tools to track access and modifications made to each server's management systems. These tools should alert the team of any unusual activity, such as attempts to access the critical server management systems from the regular server network.
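One way to put the tier checks from the operational notes and the tips above into a reviewable script, as an added example that is not from the ISM or Control Stack: the tiers, address ranges, firewall rules, flow-log format and function names are all constructed assumptions, so replace the zone inventory with your own. It flags firewall allow rules that open a management port from one tier's admin network to another tier's servers, and scans flow-log lines for management connections that actually crossed tiers.

```python
import ipaddress
import re

# Constructed zone inventory: jump-host (admin) network and server subnet per tier.
ZONES = {
    "critical":   {"admin": "10.10.0.0/24", "servers": "10.10.100.0/24"},
    "high-value": {"admin": "10.20.0.0/24", "servers": "10.20.100.0/24"},
    "regular":    {"admin": "10.30.0.0/24", "servers": "10.30.100.0/24"},
}
MGMT_PORTS = {22, 3389, 5985, 5986}  # SSH, RDP, WinRM: the management protocols

def tier_of(addr, role):
    """Tier whose 'admin' or 'servers' range contains addr, or None if unknown."""
    for tier, nets in ZONES.items():
        if ipaddress.ip_address(addr) in ipaddress.ip_network(nets[role]):
            return tier
    return None

def review_firewall_rules(rules):
    """Flag allow rules (action, src_cidr, dst_cidr, dst_port) that open a mgmt port across tiers."""
    findings = []
    for action, src, dst, port in rules:
        if action != "allow" or port not in MGMT_PORTS:
            continue
        src_tier = tier_of(src.split("/")[0], "admin")
        dst_tier = tier_of(dst.split("/")[0], "servers")
        if src_tier and dst_tier and src_tier != dst_tier:
            findings.append(f"rule {src}->{dst}:{port} crosses {src_tier}->{dst_tier}")
    return findings

LOG_RE = re.compile(r"src=(?P<src>[\d.]+) dst=(?P<dst>[\d.]+) dport=(?P<port>\d+)")  # constructed flow-log fields

def detect_cross_tier_access(lines):
    """(src, dst, src_tier, dst_tier) for each management connection that crossed tiers."""
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if not m or int(m["port"]) not in MGMT_PORTS:
            continue
        s_tier, d_tier = tier_of(m["src"], "admin"), tier_of(m["dst"], "servers")
        if s_tier and d_tier and s_tier != d_tier:
            hits.append((m["src"], m["dst"], s_tier, d_tier))
    return hits

if __name__ == "__main__":  # constructed sample input
    rules = [("allow", "10.30.0.0/24", "10.10.100.0/24", 22)]  # regular admin net -> critical servers
    logs = ["Mar 19 10:02:11 fw1 flow: src=10.30.0.9 dst=10.10.100.20 dport=22 action=accept",
            "Mar 19 10:03:40 fw1 flow: src=10.20.0.4 dst=10.30.100.8 dport=3389 action=accept"]
    print(review_firewall_rules(rules), detect_cross_tier_access(logs))
```

Both directions are reported because the control requires the tiers to be segregated from each other, not only protected from below.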
Audit / evidence tips
- Ask: a list of all server categories and their assigned management networks
  Good: each server category has a clearly defined network that doesn't overlap with others
- Good: each server category has unique login entries for its management systems, without crossover access
- Ask: a staff access review report
  Good: access rights were reviewed within the past six months and adjusted accordingly, with approvals from the department head
- Good: alerts are regularly reviewed and seem to focus on attempts to cross-network administrative access
- Ask: incident response plans specific to each server category
  Good: critical servers have stricter and more comprehensive response plans compared to regular servers
Cross-framework mappings
How ISM-1750 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| Partially overlaps (1) | | |
| Annex A 8.22 | Annex A 8.22 requires groups of services, users and systems to be segregated in organisational networks to reduce risk and control access... | |
E8
| Control | Notes | Details |
|---|---|---|
| Partially overlaps (1) | | |
| E8-RA-ML3.2 | E8-RA-ML3.2 requires privileged administration to be performed from Secure Admin Workstations, separating admin activity from general use... | |
| Supports (2) | | |
| E8-RA-ML1.2 | ISM-1750 requires segregation of administrative infrastructure between critical, high-value, and regular servers to prevent cross-contami... | |
| E8-RA-ML2.4 | E8-RA-ML2.4 requires administrative activities to be conducted through jump servers as a controlled choke point for privileged management | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.