Why no Administrator? – Least Privilege!

I consistently encounter new clients who have had their IT systems set up in less than optimal security configurations.  One troubling issue is the prevalence (in the small/medium business space) of general office users having local (or even Domain) Administrator accounts.  The administrator account in Windows lets you manage the machine's configuration and installed software.  At first glance this would sound like a great idea.  Shouldn’t every user in a company be able to add programs or change settings as they see fit?  The problem is that the risks of such a configuration FAR outweigh any benefits.  Here are just a few of the many reasons why NOT to give administrator rights to anyone other than trained IT professionals.

Potential for Operator Error
The average computer user isn’t well equipped to assess the safety of what they do on a computer.  Through no fault of their own they often fall prey to malware delivered via casual surfing, spam, emails, or even simple instant messages.  Configuring a system so that any average user has Administrative rights in Windows (or root in Unix/Linux) makes it much easier for your business and its infrastructure to fall prey to criminally minded hackers.  It allows all of the machines involved to execute any code they are given with those very same privileges.  This effectively makes it much easier for your machines to be infected by malware and potentially experience data loss/downtime.

Potential for Criminal Behavior – Insider Threat
When everything is allowed by default – expect the worst.  As odd as it sounds, the risks to your company are very often greatest from your own employees.  Startlingly, according to a 2005 computer crime survey by the FBI, 44 percent of organizations reported insider attacks.  These often came from trusted employees whom few expected would be a risk to their organizations.  This is why it is important to give users the LEAST privilege (to information/computing resources) they need in order to perform their job function.

Potential for Violations of Industry Regulations
If you do not explicitly forbid changes to your system/network configuration, you will almost certainly fall out of compliance with the associated regulations eventually.  It can be assumed that it is only a matter of time…

Least Privilege Makes Sense
In the simplest sense, giving your employees Administrative privileges is like giving everyone in the office the keys to the safe and endless blank checks.  It just isn’t prudent and in the end will come back to haunt you in the form of real quantifiable costs.  Users should be regular domain users or local limited/restricted regular user accounts, NOT administrators.  Utilizing the notion of least privilege will be a good step forward (among many) in mitigating many potential security problems.  This, as part of a unified approach to computer security, will save your organization time, money and headaches.
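
One way to check a workstation against the rule above is to list who is in its local Administrators group and flag anyone not on an approved list. The PowerShell below is an added example, not part of the original post; the function name `Find-UnexpectedAdmin`, the allowlist entry, and the sample accounts and SIDs are all constructed, and treating the built-in Administrator account and Domain Admins as expected is an assumed policy.

```powershell
# Added example: flag members of the local Administrators group that are not approved.
# Find-UnexpectedAdmin, the allowlist and the sample members below are constructed.

function Find-UnexpectedAdmin {
    param(
        [Parameter(Mandatory)] [object[]] $Members,   # objects exposing Name and SID
        [string[]] $ApprovedNames = @()               # hypothetical allowlist of IT accounts/groups
    )
    foreach ($m in $Members) {
        $sid    = [string]$m.SID
        $reason = $null
        if ($sid -match '^S-1-5-21-[\d-]+-500$') {
            $reason = 'built-in Administrator account'    # well-known RID 500
        } elseif ($sid -match '^S-1-5-21-[\d-]+-512$') {
            $reason = 'Domain Admins group'               # well-known RID 512
        } elseif ($ApprovedNames -contains $m.Name) {     # -contains is case-insensitive
            $reason = 'on approved list'
        }
        [pscustomobject]@{
            Name     = $m.Name
            SID      = $sid
            Expected = [bool]$reason
            Reason   = if ($reason) { $reason } else { 'not on approved list' }
        }
    }
}

# Constructed sample standing in for one workstation's Administrators group.
$sample = @(
    [pscustomobject]@{ Name = 'PC01\Administrator';    SID = 'S-1-5-21-1111111111-2222222222-3333333333-500' }
    [pscustomobject]@{ Name = 'EXAMPLE\Domain Admins'; SID = 'S-1-5-21-4444444444-5555555555-6666666666-512' }
    [pscustomobject]@{ Name = 'EXAMPLE\it-support';    SID = 'S-1-5-21-4444444444-5555555555-6666666666-1105' }
    [pscustomobject]@{ Name = 'EXAMPLE\jsmith';        SID = 'S-1-5-21-4444444444-5555555555-6666666666-1142' }
)

# Show only the members that should be reviewed and, most likely, removed.
Find-UnexpectedAdmin -Members $sample -ApprovedNames 'EXAMPLE\it-support' |
    Where-Object { -not $_.Expected } |
    Format-Table Name, SID, Reason

# On a live machine (Windows PowerShell 5.1 or later), pass the real membership instead.
# S-1-5-32-544 is the well-known SID of the built-in Administrators group:
#   Find-UnexpectedAdmin -Members (Get-LocalGroupMember -SID 'S-1-5-32-544') -ApprovedNames 'EXAMPLE\it-support'
```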

