Why You Need to Think Through Which Employees Have Access to What Files
It’s clear that your IT department should have administrator privileges with your business’s technology, but the average employee is another story altogether. Administrator privileges provide users with the ability to do many things, such as install programs and access admin settings. Administrator privileges are exactly what you want to keep users away from, and it turns out that the majority of flaws in the Windows operating system depend on these privileges.
According to a report released by security firm Avecto, it’s estimated that a solid 85 percent of all critical flaws within an operating system can be plugged simply by removing administrator privileges. Most home and consumer-based PCs utilize administrator accounts by default without much thought, but this is a dangerous practice in a business. If hackers can gain access to administrator privileges, they can make changes to the core OS files and steal important information. Most businesses that prioritize security will have limited user privileges on their provided workstations, which help to keep malware and other threats out of central files imperative for the continued functionality of the machine.
As reported by ZDNet:
The report said that removing admin rights could have mitigated more than 99 percent of flaws affecting Internet Explorer, which had a critical-rated flaw almost every month; and mitigated 82 percent of all vulnerabilities affecting Office. The company analyzed the entire batch of vulnerabilities in Microsoft’s monthly security patch update, dubbed Patch Tuesday, to see which flaws would be less impacted whose logged-in accounts “are configured to have fewer user rights on the system.” Out of the entire batch of vulnerabilities reported, 63 percent would be mitigated or unexploitable if admin rights were removed.
User privileges are an easy topic to set on the back burner and forget about, especially if you’re a small business with a small workforce. You might like to think that there’s minimal chance for user error, but the cruel reality is that people make mistakes, be it accidentally misplacing files or allowing malware to run rampant throughout your business’s critical systems. Unfortunately, all it takes is one oversight to leave your entire business infrastructure vulnerable to damage caused by hackers who have administrator privileges.
Therefore, it’s recommended that your organization take full advantage of a user management solution that puts a lid on what the majority of your employees can access. Your users should only be accessing files and information that’s important for their daily duties. For example, the average employee doesn’t need access to personal employee records or client payment information.
Are you doing everything that you can to limit your mission-critical data’s exposure to threats? Security-minded businesses will be taking advantage of not just role-based user access, but also secondary security solutions like firewalls, antivirus, spam blocking, and content filtering solutions that are designed to prevent infiltration in the first place. These four features can be implemented in one comprehensive solution called a Unified Threat Management (UTM) tool.
For more information about proactive IT measures, remote monitoring and maintenance, or IT security, give Resolve I.T. a call at (978) 993-8038.