If someone were to ask for permission to systematically destroy the corporate IT infrastructure, and ultimately bring the business to its knees, the obvious response is ‘NO’. However, for some reason, employees are often given the power to do exactly that.
The unfortunate reality is that when businesses decide on their approach to admin rights, the decision is more often than not based on cost.
In a perfect world, every organisation would take the first option.
But we don’t live in a perfect world and the reality is that the second option appears, at first glance, more cost effective. So, when a user rings asking for permission to install a missing piece of software, the quickest (and usually cheapest) option is to grant them admin rights.
However, you may as well have given them a time bomb to hide in the network.
Most organisations have no way of auditing what a user with admin rights has done during this privileged period and, additionally, all too often the admin rights aren’t revoked immediately, leaving the desktop and entire IT infrastructure open to abuse.
So, just what are the risks if users have admin rights?
Here’s the top ten:
While each point is damaging, you might find it’s a combination of these that your organisation has to face. So, what can you do about it?
Tip 1: Group Policy
A feature of Microsoft, you can use group policy to control what users can and cannot do on the system. By restricting certain actions, such as blocking access to the task manager, restricting access to certain folders, and disabling the downloading of executable files etc., many of the risks outlined previously can be minimised.
Tip 2: Don’t give users admin rights in the first place!
It’s a fact that approximately 90% of malware relies on some form of admin right through which it can access and infect the system. Instead, a least privilege approach will remove the risk of installing malicious software – intentionally or accidentally, as well as restricting users’ malicious or inept behaviour. This means ensuring, either manually or with software, that every process, user or program can access only the necessary information and resources.
Tip 3: Protect the perimeter
Create white and black lists that control which applications and devices can run in your environment. That said, even authorised storage devices can be risky as cases of USB memory devices, containing an autorun malware, infecting networks have shown. Make sure drivers include digital signatures.
Tip 4: Secure web browsers and email clients
As we said earlier, these are the window to the IT-world and your first line of defence, so forbid unauthorised browser applications.
Tip 5: Education
Although an obvious one, it’s astonishing how many employees are oblivious to the risks they expose their organisation to. IT policies not only need to be created, and regularly updated to encompass new risks, but also communicated to users. They should cover key user activities including which websites they should/shouldn’t visit; types of devices allowed; what they can or can’t do with data; and passwords.
Ten years ago organisations didn’t have a choice regarding admin rights. Today they do. If yours decides to allow them, prepare for the consequences.
Paul Kenyon is the COO of privilege management company, Avecto.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…