Data Breach

Restricting Administrator Privileges – Information Security Essentials

Restricting Administrator Privileges

Restricting administrative privileges makes it difficult for to spread malware and malicious code inside your network. In terms of access to your valuable business data, administrative accounts are the keys to the kingdom. If malicious code is activated using an administrative account, it can elevate its privileges, spread to other hosts, avoid detection, persist after reboot, obtain sensitive information and IP, and resist removal efforts; in other words, it creates the opportunity for data breaches and attacks against your systems and customers.

The consequences of a compromise are reduced if users have low privileges instead. An environment where administrative privileges are restricted is more stable, predictable and easier to administer and support.  This environment is created when by having fewer users who can make significant changes to their operating environment, either intentionally or unintentionally.

Note: Privileged users should use a separate, unprivileged account, and preferably a separate physical computer, for activities that are non-administrative or risky, such as reading emails and searching the web. 

In the SECMON1 blog post ‘Security Overview – Information Security Essentials’ , we spoke about what administration privileges are and why restricting them is an essential security measure.

CLICK HERE TO DOWNLOAD THIS SECMON1 INFORMATION SECURITY ESSENTIALS GUIDE

Christopher McNaughton

Recent Posts

Understanding the Australian economy through the lens of underwear and lipstick sales

In an intriguing development, recent trends in Australia's retail sector—namely, a decline in men's underwear…

12 months ago

New fraud costing Australian business millions annually

  If you work in the Finance Department of your company your email account might…

4 years ago

INFORMATION THEFT – THE EMPLOYEE RISK

  Information Theft - What is the Risk? Our research has shown that around 68%…

4 years ago

Don’t Become a Victim of Cyber Crime

  The Impacts of a Cyber Attack In your personal life and as an employee,…

4 years ago

YOUR COMPANY HAS BEEN BREACHED!

The Data Governance Watershed "You've been breached!" These are words none of us want to…

4 years ago

CASE STUDY – OFFICE 365 BREACH

CASE STUDY  (5 Min read)  The following case study details a case where SECMON1 was…

5 years ago