
2/5/2009
10:16 AM
Keith Ferrell
Commentary

Cutting Windows Admin Rights Cuts Windows Risks 92%: BeyondTrust

Reducing the number of users granted Windows administrative rights reduces the number of exposed Windows vulnerabilities by over 90%, according to access management company BeyondTrust.

The BeyondTrust study finds that granting full Windows administrative rights -- which let the user alter files, install software, etc. -- dramatically increases the exposure of Windows vulnerabilities.

Taking away those rights -- identifying all non-administrative users as standard computer users, required to log on, with limits on what they can and, especially, can't do to and with their computer -- sharply cuts those exposures.

Ya think?

The point here is not just the decrease in exposure (although the elimination of 92% of Windows critical vulnerabilities that BeyondTrust sees as a consequence of limiting admin privileges is anything but small potatoes) and the security enhancement that results; it's the reminder of the need for a re-think of just what employees are and aren't allowed to do with company equipment, company networks and on company time.

The problem, as I see it, and as more than one small and midsize business has commented, is the confusion between privileges and rights when it comes to employee computer use.

That confusion flows from half a dozen -- or half a hundred, or more -- factors, not least of which is the fact that the technologies used in business -- computers, software, the Internet -- are also consumer technologies. Employees are accustomed to surfing the Web, installing games and other programs (and, to be fair, productivity apps that they're partial to), social networking, IM, file sharing and etc. and etc. squared.

Taking away these privileges involves reminding employees that their business computer isn't their personal computer, and can no longer be treated as such.

Problem is -- and it's not a small one -- that personal use of computers in the workplace has come to be seen as an entitlement, a fringe benefit, a perq of sorts.

Limiting admin rights to IT administrators and supervisors creates more work for them, of course, which is another issue in times of tightened budgets and resources.

It all comes back to the necessity of establishing and enforcing formal technology-use policies (BeyondTrust, of course, would argue that such policies are best backed by privilege management software).

Without those policies in place, and enforced, the situation becomes... well, it becomes what the BeyondTrust research shows: an environment filled with unnecessary exposure of vulnerable systems to a threat environment that's actively looking for those very vulnerabilities.

The complete BeyondTrust admin rights report is here.

The company will be hosting an admin rights elimination webinar on February 11; register here.
