Restrict Administrative Privileges
Administrative privilege is designed to give a user complete control over all aspects of their computer. This includes the ability to install and uninstall programs, run macros, and enable and disable applications. Whilst this may seem practical for individual users, the default settings for many businesses is to allow all employees to have administrative access over their systems. Unfortunately, this can lead to cybersecurity breaches. A 2016 report stated that 80% of all data breaches involved the use of privileged credentials in some manner.(1)
Minimising administrative privileges minimises the threat of cyber-attacks as general users won’t have the administrative authority to download and install malicious code (malware). This is why Restricting Administrative Privileges is one of the Australian Cyber Security Centre’s (ASCS) Essential 8 strategies, recommended for businesses to implement to mitigate cyber-attacks.
Our GOLD and higher Cybersecurity Management System (CSMS) packages include management and implementation of Restricting Administrative Privileges; ensuring all employees have the required permissions needed to maximise productivity.