 5 Reasons to Keep Admin Rights off your PC


Inuit's supplier Avecto invited Sami Laiho, Microsoft MVP, to hold a webinar in which he shows why it is so important to remove administrator rights on Windows 7/8. Here Sami summarizes his advice from the webinar.

There are many reasons why it’s a good idea to run without admin rights, but for a recent webinar by Avecto, I narrowed it down to my top 5 reasons why it’s important to do so.

You can hear more about these on the on-demand webinar and see real examples of ethical hacking, where I show you some actual scenarios of vulnerabilities in the Windows OS.

When talking about security, I always talk about proactive and reactive measures. Both are needed, but the proactive measures are much more important. These include things like software whitelisting, managing permissions and firewalls. These protection layers keep the computer clean and efficient.

Reactive measures like anti-malware and blacklisting are usually late to the party – but should be layered on top of proactive prevention, just in case something gets through.

Here we’re talking about proactive measures – removal of admin rights (and the effective management of user rights using privilege management technology) to secure your business PCs – and the 5 big reasons why it can’t be avoided.

1) Keep malware off your computer

As your computer can’t differentiate between good and bad software, the only way to prevent the installation of malware is to prevent installations as a whole. So in this case, your standard everyday user shouldn’t be able to install software that affects the whole computer. Many people think that with UAC in Windows 7 and 8, there is no need to limit user admin rights. This is a myth and is far from the truth! In the on-demand webinar, I demonstrate why.

I have recently seen code written by an 11-year-old that configures the PC to run as a wireless access point, which can bypass UAC.

2) Keep the computer running smoothly

A limited user cannot write files or entries in places where admins can. Ultimately this means that by removing admin rights, your PCs are cleaner and more stable, with a longer lifespan. Usually people tell me that they reinstall their Windows OS every 6 months or every year to keep the machine running effectively. Without admin rights, there’s no need to do this. Fewer reinstallations mean less helpdesk impact and less cost.

3) Keep the protection enforced

An admin user can turn off your protective measures. They can disable your firewall, antivirus, encryption, Group Policy and more. And if the admin is running malware, the malware can do the same.

Shockingly, all big zero-day attacks reported in the media from 2010-2013 required admin rights! Malware could never affect the computer in the first place without admin rights.

4) Keep computers compliant

Microsoft’s own Security Policy states that a user in the local admin group can manage the computer 100%. There is no way of controlling administrators with Group Policy. They can do what they want, full stop.

They can prevent the system from reading policies – and if you deny the rules, you don’t have to obey them! Watch the webinar to see how it’s done. Removing admin rights and running with standard users removes this risk immediately.

5) Keep your network clean

Your network is only as secure as its weakest link. One computer on the domain running admin rights is a hole that compromises the entire network. I demonstrate how admins can inject bait into a PC using a security gap, run with the highest privileges and bypass UAC to gain access to the whole network.

My top tips for removing admin rights:

  • There is always a trade off with removing admin rights. I talk about Security vs. Cost vs. Usability. You just need to decide the approach that’s right for you.
  • Admin rights need to move to a software-based approach, not a user-based one.
  • UAC is mandatory – you must run with UAC on. But app compatibility and user experience mean you need a solution for customization.
  • Build a proof of concept – stop the process of giving out admin rights, figure out why admins have needed admin rights, and remove current admin rights. There are tools on the market to help you do this.
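
One way to start the inventory step of the proof of concept above, as an added example that is not from the webinar or from Avecto: a read-only PowerShell script that lists local Administrators members missing from an allow-list and reports whether UAC is on. The allow-list `$ApprovedAdmins` and the function names are assumptions for illustration.

```powershell
# Added example, not from the webinar: report who holds local admin rights
# on this PC and whether UAC is on. Reads only; changes nothing.
# $ApprovedAdmins is a hypothetical allow-list with constructed sample names.
$ApprovedAdmins = @('Administrator', 'Domain Admins')

function Get-LocalAdminMember {
    # Resolve the group through its well-known SID (S-1-5-32-544) so the
    # lookup also works on localized Windows where the group has another name.
    $sid   = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-32-544')
    $name  = $sid.Translate([System.Security.Principal.NTAccount]).Value.Split('\')[-1]
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/$name,group"
    foreach ($member in @($group.psbase.Invoke('Members'))) {
        $type = $member.GetType()
        New-Object PSObject -Property @{
            Name  = $type.InvokeMember('Name',    'GetProperty', $null, $member, $null)
            Class = $type.InvokeMember('Class',   'GetProperty', $null, $member, $null)
            Path  = $type.InvokeMember('ADsPath', 'GetProperty', $null, $member, $null)
        }
    }
}

function Get-UacState {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p   = Get-ItemProperty -Path $key
    New-Object PSObject -Property @{
        UacEnabled           = ($p.EnableLUA -eq 1)
        # ConsentPromptBehaviorAdmin = 0 means admins are elevated without a prompt
        SilentAdminElevation = ($p.ConsentPromptBehaviorAdmin -eq 0)
        SecureDesktopPrompt  = ($p.PromptOnSecureDesktop -eq 1)
    }
}

$members    = @(Get-LocalAdminMember)
$unexpected = @($members | Where-Object { $ApprovedAdmins -notcontains $_.Name })
$uac        = Get-UacState

"{0}: {1} local admin member(s), {2} not on the allow-list" -f `
    $env:COMPUTERNAME, $members.Count, $unexpected.Count
$unexpected | Select-Object Name, Class, Path | Format-Table -AutoSize
if (-not $uac.UacEnabled)      { Write-Warning 'UAC is off (EnableLUA is not 1)' }
if ($uac.SilentAdminElevation) { Write-Warning 'Admins are elevated without a prompt' }
```

The script uses the ADSI WinNT provider rather than newer cmdlets so that it also runs on the PowerShell 2.0 that ships with Windows 7.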

 Watch the recording of Sami Laiho's webinar "Hear from a Hacker: 5 Reasons to Keep Admin Rights off your Windows 7/8 PCs" here.

