Lock down user access and privileges

The following tip is one of six steps to help you protect Windows systems from bi-modal attacks. Click to return to the main page.

Users should not be Administrators. Malware tends to execute with the privileges of the currently logged-in user. If the user did not have access to key system files and was not authorized to install software, the malware would be stopped dead in its tracks. Unfortunately in most cases, users do have Administrator privileges on their own machines, which means that malware executed under their privileges has carte blanche on the system as well.

Download this free guide

Download: Buyer's Guide to Windows Server 2016 in 2017

You may be due for an upgrade! Check out our full Windows Server 2016 Buyer's Guide to see if a switch to the new server would be the best move for your organization.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Many users, particularly those in the executive suites, jump and holler when talk begins of removing or restricting their access to their own machines. For the sake of security, general access should be limited, but that is a tough, uphill battle which requires the support of senior leadership to have any chance of success.

More information: