Right now, there’s a lot of talk
about configuring workstations so
that users don’t have administrator
access. How much safer does
restricting administrator access really
make you?
You’re right, a lot of attention is
being given to restricting administrator authority on workstations and a lot
of hype surrounds Windows Vista’s
improved handling of administrator
authority. Restricting administrator
access on PCs helps prevent users
from installing unauthorized or unlicensed software and helps reduce the
impact of malware inadvertently executed by the user. It obviously doesn’t
do anything to protect the resources
that users have access to on their
local computer or elsewhere on the
network. Malware that executes
under the authority of the user can access any information or resources
to which the user has permissions
whether or not the user is an administrator of his or her local computer.
Are you safer when users don’t run
as an administrator? Yes. How much
safer? Not as much as you might
think. Restricting administrator access is only one piece of the puzzle.
You also must implement malware
defenses such as antivirus tools,
patching, and training.