Often overlooked, but a highly effective and simple method to mitigate data security risk, is limiting end-user permissions.  Especially for this post, we’re discussing limiting or removing altogether, local administrative rights. When it comes to assigning permissions within an organization, a best practice is to assign the permissions that are only necessary for end users to do their jobs. In accordance with this principle, we always recommend that end users use an account on their PC that does not have administrator permissions, unless there is a strong business justification to do so.  So, what are the risks of having admin access to your computer?

When reviewing Diligex’s Help Desk ticket history, the majority of viruses, computer slowness, and operating system issues are a direct result of an end user having local administrator access to their computer.  Opting to allow users administrator access to their computers will cause your total technology costs to rise (e.g. fixing computer issues, employee downtime, data loss from virus infections). This means that it’s important to ensure that the increased potential cost is justified as necessary, and is a legitimate business need.

Administrator accounts on a computer allow the user to install software, make any change to the system settings, and override local folder permissions. This might not seem like a big deal, but let’s consider the possible consequences.

Anytime a user has access to an administrator account, any of the below can occur:

• Unauthorized software can be installed on the computer, leading to non-work-related activities and possible computer slowdowns or shutdowns.
• Unlicensed software can be installed, opening your business up to potentially hefty fines from software vendors.
• Users can intentionally or unintentionally execute a malicious program, leading to infections that could potentially span many computers on your network. These are often undetectable by anti-virus programs (frequently because the user specifically allows them to execute).
• If multiple users use a single PC, the administrator account can be used to access data in other user profiles. This could allow for data breaches, theft, and privacy concerns.
• Operating system settings can be changed intentionally or unintentionally causing potentially unfavorable consequences.

Limiting users access might seem like an inconvenience for some, but mitigating the significant risks and costs associated with running with Administrator access, is well worth any inconvenience. We have seen firsthand the devastation that can occur when malware can run with full admin access. The cost for your business could be well over $10,000.

Let’s look at the Pros and Cons of different operating scenarios for a mythical user “John Doe”:

The User ‘John Doe’ is assigned ‘user’ limited access permissions.

Pros

• Significantly decreased the likelihood of malware infection.
• John Doe cannot access any files outside of his profile without explicit permissions granted by an administrator.
• Critical system settings cannot be modified without the intervention of an administrator.
• Only company approved software can be installed on the PC, reducing distractions and keeping PC running smoothly.

Cons

• Some software (usually old or poorly designed) will not run without an administrator account.
• The user will need to contact a Support Technician when they change settings or install programs. This usually does not happen often, but it can slow down some work in the short term (in exchange for long-term system stability).
• Some users may take offense to not having unrestricted access (especially if they’ve had it in the past).

The User ‘John Doe’ is assigned a ‘user’ limited access account for day to day work but is also given access to a separate ‘local administrator’ account that can be used as needed.

Pros

• Some forms of malware will not be able to install and run to the computer.
• Provides the user with a “stop sign” when administrator credentials are requested, reminding that an action is being taken that will modify the system.
• Users can install software at their convenience (which may be necessary if the user is frequently mobile or does certain job functions).

Cons

• Some forms of malware may request administrator permission to install, which the user can bypass (intentionally or unintentionally).
• The user has unrestricted access to all files stored on the local machine (including those for other users that use the same PC).
• Software installation and setting changes are unlikely to be reviewed by a qualified Engineer prior to their introduction.

The User ‘John Doe’ is assigned as ‘local administrator’ full access account which is used daily.

Pros

• The user has complete flexibility to install software and make other system modifications at their leisure.

Cons

• The unauthorized software may be installed with no auditing.
• Malware can potentially install/execute on the computer with limited user notification.
• The user has unrestricted access to all files stored on the machine regardless of their set permissions.

Diligex has been managing networks and infrastructure for years, and those clients who follow our best practice, have been saved the time and money it takes to clean up an attack gained by a user with Administrator access. Over 95% of our clients follow the first scenario above for all users, while a few follow the second scenario due to actual work needs. As part of our “user” access best practice, our experienced Windows and Mac Technicians will review software installations and modifications to settings prior to their introduction into your environment, limiting the potential for those installations and modifications to cause expensive downtime.

Our bottom line advice?  Don’t be penny wise and a pound foolish when granting an employee request to have ‘admin rights’ to their PC or MAC.  Think through the ramifications of doing so.  If you have any questions, please don’t hesitate to reach out.  We’re here to help.