Consistently I encounter new clients who have had their IT systems set up in less than optimal security configurations. One troubling issues is the prevalence (in the small/medium business space) of general office users having local (or even Domain) Administrator account. The administrator account in Windows allows you to generally manage the machine in terms of its configuration and installed software. At first glance this would sound like a great idea. Shouldn’t every user in a company be able to add programs or change settings as they see fit? The problem is that the risks of such a configuration FAR outweigh any benefits. Here is just a few of the supernumerary reasons why NOT to give administrator to anyone other than trained IT professionals.