IT Professionals have deployed sophisticated firewalls, installed robust antivirus products, and implemented patch management solutions to keep enterprise hardware and software safe and secure. While this layered approach is effective against most exploits and potential infections, our machines still seem to get infected with useless and malicious third-party programs, toolbars, and trackers.
Isn’t there something more we can do? A recent study conducted by Avecto, a provider of privilege management solutions, indicates there is definitely more we can do—remove local administrator rights from end users’ workstations. Local admin rights are the highest level of permissions granted to a user of an individual workstation. They allow a user to install software, modify configurations, and perform other high level changes.
Network Administrators have known for years that local admin rights should be removed if they are not required. But not until the Avecto study has anyone really examined the benefits of removing local administrator privileges from end users’ workstations.
To help quantify the benefits of removing local admin access, Avecto examined all 2013 Microsoft Security Vulnerabilities to determine how many threats would be mitigated if local admin rights were removed. The findings are impressive. Avecto found the following.
- 92% of all ‘Critical’ vulnerabilities would be mitigated if local admin rights were removed
- 96% of Critical vulnerabilities affecting Windows operating systems could be mitigated by removing local admin rights
- 100% of all vulnerabilities affecting Internet Explorer could be mitigated by removing local admin rights
- 91% of vulnerabilities affecting Microsoft Office could be mitigated by removing local admin rights
- 100% of Critical Remote Code Execution vulnerabilities and 80% of Critical Information Disclosure vulnerabilities could be mitigated by removing local admin rights
- 60% of all Microsoft vulnerabilities published in 2013 could be mitigated by removing local admin rights
The results of this study clearly indicate the security benefits of running as a limited or standard user. While this may not be practical for all business applications and for all business needs, it still is one additional layer of controls that can help keep your system secure. Removing local admin rights can improve efficiency by reducing the number help desk calls, and build trust with your customers by keeping your business data secure.