Every IT and Information Security professional is aware that users should NOT have Local Admin Rights on their organization’s computers and all maintenance tasks should be performed by qualified IT personnel only. But unfortunately in real life business departments usually pressure IT department and a lot of users have Local Admin Rights on their computers what very often results in incidents affecting concerns of other organizations’ teams, employees, members, clients, stakeholders and even third-parties.
Personal observation – the most significant pressure is put upon IT department if employees or management try to solve personal issue instead of business.
Below are presented examples of significantly increasing risks if a user is granted Local Admin Rights on organization’s computer. The list can be helpful for counteraction to groundless requests for Local Admin Rights.
Personal observation – the most significant pressure is put upon IT department if employees or management try to solve personal issue instead of business.
Below are presented examples of significantly increasing risks if a user is granted Local Admin Rights on organization’s computer. The list can be helpful for counteraction to groundless requests for Local Admin Rights.
Examples of significantly increasing risks if a user is granted Local Admin Rights
Consequences of malicious software infection:
leakage or loss of sensitive data stored on the affected computer
leakage or loss of sensitive data which the user has access to
affected computer nonoperability
organization's network (part of the network) downtime
attacks from the affected computer against other nodes (computers, servers, network devices) of the organization's network
attacks from the affected computer and organization's network against third-party network nodes or networks
Unlicensed software installation
Computer nonoperability or incorrect operability because of incorrect configuration made by user
Decreasing of computer's protection level made by user
