By being more discriminate in doling out administrator accounts, chief security officers (CSO) can significantly lower the risk of their organization’s network being infected by malware, according to a recent study.
An administrator account typically allows computer users to modify other accounts, install and delete software and files as well as change network settings. Many malware that find their way into a computer can provide hackers these privileges if they happen to break into a machine with an administrator account.
That is why IT departments should provide users with just enough rights to enable them to “effectively perform their role,” said Andrew Avanessian, vice-president of professional services for enterprise security vendor Avecto.
He said a recent study by Avecto indicates that by restricting desktop and laptop users to standard accounts when that is all they need significantly reduced the risk of malware of infection since hackers that gain access to their machines need to find other ways to gain higher privileges.
The study analyzed software vulnerabilities reported by Microsoft in 2013 and found that nine in 10 rated as “critical” could have been mitigated by removing administrator rights. The same findings were found for Windows, Internet explorer and Office vulnerabilities.
Avanessian said that even when a person is the only user of a computer, that person would be better off being signed in as a standard account holder and switching to an administrator account when the need arises.