Build a zero-trust model by first killing local admin rights. Why you should never have local administrative rights to your PC
Team Metalogic founder & CEO, Mike Parfitt, about the risks of Local Admin Rights: “We have seen Trojans execute six-figure wire transactions and major banks deny responsibility. We’ve had multiple networks crippled for days – even weeks.”
There are several reasons employees may ask for local administrative rights, or the ability to download software on their workstations, with convenience and expediency topping the list.
However, business owners may not fully understand the risks of local administrative rights: the more people and time spent working on desktops with local administrative rights, the greater the chance that malicious software exploits a weakness.
And it only takes a single weak point on the entire network for malicious software to take hold and spread like wildfire.
With local administrative rights, the security controls used to protect a company’s systems including password controls, anti-malware software, and similar tools, can be shut off. Granting local admin rights risks the installation of unapproved software, breaking business-critical applications and causing disruption and downtime.
Local admin rights will also expose a company to malware, including a number of different phishing scams that can deliberately run code on systems with full permissions if someone inadvertently clicks on a malicious link or opens infected email content.
Today’s malware is harder to detect and uses sophisticated social engineering that can leave most people unaware of the problem before it is too late. No matter how advanced or how expensive the multiple layers of security may be for an organisation, there will come a time where something malicious makes its’ way through all of them and is facing a user on the screen.
At that point, our last line of defense is the user themselves, the ‘human firewall’. But they too are not infallible and will likely click the link, open the file, or grant permissions, resulting in the malicious software executing on their system. Without local admin rights, malicious software can go no further. A final safeguard in ensuring the malware does not infect individual systems, networks, and then entire businesses.
According to Mike Parfitt, “We have seen Trojans execute six-figure wire transactions and major banks deny responsibility. We’ve had multiple networks crippled for days – even up to 2 weeks – because of a virus inadvertently installed on a person’s machine, which then replicated as an auto-run on the file server, then spread to every machine that touched the file server. It also used peer-to-peer methods exploiting machines that did not have a patch applied.”
He went on to explain, “IT best practices dictate that employees are no member of staff is given local administrative rights, regardless of their position.
“At Team Metalogic, an IT support provider with professionals and cyber-security experts, we do not even run with local admin rights… it’s just too dangerous in today’s threat landscape to even consider it. Auditors also frown upon the practice because of its inherent risk. At Team Metalogic, we install software updates and patches weekly to protect our customers.
“However, the system is only as strong as its weakest link. By allowing local administrative rights, companies expose themselves to malicious attacks and the risk of losing time, data, and money.”
To find out how your cyber-security posture stands up against today’s threats, call us today about our IT support on 0345 521 0618 or email [email protected]