Lock down user access and privileges

Lock down user access and privileges

The following tip is one of six steps to help you protect Windows systems from bi-modal attacks. Click to return to the main page.

Users should not be Administrators. Malware tends to execute with the privileges of the currently logged-in user. If the user did not have access to key system files and was not authorized to install software, the malware would be stopped dead in its tracks. Unfortunately in most cases, users do have Administrator privileges on their own machines, which means that malware executed under their privileges has carte blanche on the system as well.

Many users, particularly those in the executive suites, jump and holler when talk begins of removing or restricting their access to their own machines. For the sake of security, general access should be limited, but that is a tough, uphill battle which requires the support of senior leadership to have any chance of success.

More information:

Checklist: Lock down Joe User's administrator rights

Checklist: Control Joe User's actions

Checklist: Three security mandates for any Windows environment

Click for the next tip in this series: Training, training and more training

Dig Deeper

People who read this also read...

Related glossary terms

Terms for Whatis.com - the technology online dictionary

Show me more

This was first published in June 2005

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

More from Related TechTarget Sites

Server Virtualization
Cloud computing
Exchange
SQL Server
Windows IT
Enterprise Desktop
Virtual Desktop

Server Virtualization
- VMware pros glean vSphere roadmap from CTO in VMUG videos
  
  VMware customers hope that vSphere virtualization products will soon have more automation and integration.
- New virtual data center design decisions with Hyper-V 3.0
  
  IT pros are presented with new virtual data center design options, thanks to new feature in Hyper-V 3.0. So which architecture will you choose?
- How promiscuous mode affects virtual network security
  
  Enabling promiscuous mode could spell doom for your virtual network security, especially if inexperienced IT pros are at the helm. So take caution.
Cloud computing
- Azure’s identity crisis and other cloud computing sound bites
  
  Microsoft Azure wants to be called Loretta. No, that’s not true. Or is it? Find out that answer and other news overheard in the cloud this past week.
- Is PaaS just another four-letter word in cloud computing?
  
  PaaS is a quick fix for companies looking to deploy new apps, but established firms with legacy apps may consider it a dirty word.
- PaaS selection starts at the programming language
  
  The PaaS market is growing without a single leader or approach. Picking a model should involve more than just saying, ‘Eeney, meeney, miney, moe.’
Exchange
- How Microsoft’s new certification program affects Exchange admins
  
  Microsoft recently updated its certification program, but what does that mean for Exchange admins? Long-time expert and MVP Tony Redmond chimes in.
- How to manually uninstall Exchange Server 2010
  
  Severe damage to Exchange Server 2010 may require you to uninstall the program. Follow these tips to prevent harm to Active Directory.
- How to fix three nagging iPhone problems in Exchange 2007
  
  If your iPhone users are having trouble accessing Exchange 2007 email and calendaring, you can sidestep the problems before they happen.
SQL Server
- Configuring SSRS the easy way
  
  Demystify the SQL Server Reporting Services (SSRS) configuration process. Get an overview of this tool and guidelines for how to set up each screen in SSRS from industry professional Roman Rehak.
- SQL Server Upgrade Advisor, Upgrade Assistant can ease transition pains
  
  You probably think you’re ready to upgrade to the new release, but you might not be as prepared as you think. Before you upgrade, there are some tools to become familiar with, says Bob Sheldon.
- ODBC drivers replacing OLE DB? Say what?
  
  After years of telling SQL Server users to avoid ODBC in favor of OLE DB, Microsoft has suddenly reversed its position and advised going back to ODBC. Why? And what should you do about it?
Windows IT
- Understanding management gets your IT department what it needs
  
  Crafting the perfect pitch can be difficult in a budget-conscious workplace. Knowing how management will react to proposals can help.
- What's in a name? Azure branding confusion and the meaning of 'badware'
  
  Find out why Microsoft had some questioning its mental health and what mosquitos have to do with the ongoing malware fight.
- Active Directory domain joins and Microsoft certifications: less important than you think
  
  In this new feature, we examine Windows quotes and tell the stories behind the sound bites. First up: Why you need to rethink Active Directory domain joins.
Enterprise Desktop
- Tuning and tweaking device drivers on the Windows 8 Consumer Preview
  
  The Windows 8 Consumer Preview recognizes most hardware, but you should keep up on OS and chipset developments and review Windows device drivers. Here's where to start.
- Delivering Windows device drivers made easy with deployment images
  
  Windows device drivers are needed to get a variety of hardware to work together. The deployment image for updating operating systems and apps can facilitate desktop maintenance.
- Mac OS X Lion security flaws no longer a reason to delay adoption
  
  Mac OS X Lion security vulnerabilities have delayed adoption since Apple released the operating system. After some much-needed updates, is the OS finally enterprise-ready?
Virtual Desktop
- Citrix integrates NxTop and XenClient, introduces Project Avalon
  
  Citrix is on a roll. The company flooded VDI shops with news of updated offerings and detailed the future of acquired competitor Virtual Computer.
- Dell and HP churn out VDI hardware as thin client war heats up
  
  Hewlett-Packard and Dell have their eyes on the virtual desktop market, and both introduced new client technologies that hinge on VDI at Citrix Synergy 2012.
- How to stagger your VDI project rollout: Start with a VDI POC
  
  Slow and steady wins the race. After analyzing a VDI POC, stagger your VDI project rollout so resources aren't overwhelmed and users can get used to the new technology.

All Rights Reserved, Copyright - 2012, TechTarget