How to protect Symantec DLP Endpoint Agent Services (EDPA & WDP)
Is there way to password protect the Symantec DLP Endpoint Agent Services. There are two services EDPA and WDP. I also know that if one service is somehow stopped the other one automatically starts it. But if you use the below command from Elevated Command Prompt both are stopped and they don't automatically restart again until the machine reboots.
sc stop edpa && sc stop wdp
This is a big security flaw as majority of users have locall admin rights on their machines. I know we can rename the services but this is not the solution as technically sound user can also find the new service names very easily. Is there way we can secure these services like password protecting them?