If a user has “Admin rights” on their PC it means that they have full control over the PC and have the ability to complete tasks such install new programs, change machine configuration settings, and update software.
By logging in with admin rights, users can cause problems such as:
– Affect System Stability by installing a third party piece of software or driver that is not compatible with the operating system. Almost 15% of IT helpdesk calls are due to users mis-configuring their own machines.
– Breaking Regulatory Compliance by changing system parameters that might affect the data integrity of the system used. ie: A PC connected to laboratory equipment.
– Activating Vulnerability Exploits through downloading malware that target known vulnerabilities in common software such as Microsoft, Adobe and Java software. This ultimately leads to a breach.
Removing admin rights for all users will assist in complying with existing government and industry regulations. Working with a least privilege account carries a much lower risk of a breach when it comes to malware and phishing attacks. It is a also a very useful step to to satisfy Data Protection Auditors and is a crucial step towards protecting your systems against data loss and subsequent representational damage.