Nobody likes to be restricted in their use of a computer, or think they are being limited because they don’t have administrator rights. Most users do not NEED administrator privileges, they just WANT them. So why do users want administrator privileges? Here are the top 5 reasons:
- Freedom: Users want administrator privileges so they can install or modify anything and everything on their computer. They may or may not view themselves as computer experts, but believe they know enough about computers to be able to make changes to their system without any negative repercussions. Unfortunately they are usually wrong, causing the IT department to spend countless hours fixing the issues.
- Control: Users also want more privileges on a computer because of the control associated with being able to call your own shots. Control leads to even more headaches for the IT department as they clean up the mess left by users who make changes without understanding implications. Installing a software package without proper licensing can result in costly audit expenses. Changing the security configuration might make life easier, but it can result in expensive breaches.
- Time: Most people hate to wait – we want everything done instantaneously. It’s the same for computing. Most users fear that if they don’t have administrator rights, they’ll have to wait for someone in the IT department to install or update a piece of software that could take them minutes to do if they had administrator privileges.
- Entitlement: Some users believe that they deserve administrator rights because they started the company, make more money than the IT department employees, or because they are just special for one reason or another. These reasons aren’t good enough though. They might be the reason that the company is making a profit right now, however with administrator rights they could be the reason the company suffers a loss next quarter when their computer is compromised and key data stolen.
- Habit: For some companies, users have always had administrator rights. It has become the standard of how users operate their computers in the company. However with increasing cyber threats, this habit simply does not provide enough security to organizations any more.
The reasons listed above may or may not be good reasons for the desire of users to keep administrator rights. However, administrator rights are a huge threat to IT security. Users may think that if they lose administrator privileges that their lives will become harder, but this is not the case. If privilege management is implemented the right way, users will be able to continue to work as before and will most likely not even notice the change.
So how do you implement privilege management successfully? It’s really a two-step process, requiring knowledge of what applications will need administrator rights to work correctly and which users have administrator rights. After that knowledge is obtained companies create application privilege management policies for applications that need admin rights. Then companies remove administrator privileges from their users by using user privilege management software. It’s that easy.
Arellia Application Control Solution and Local Security Solution assist businesses concerned with security protect their assets from security threats, mitigate zero-day vulnerabilities, control system stability, and enforce software compliance by using application and user privilege management capabilities.