The Principle of Least Privilege refers to giving users permission to access only the data and system resources that are required to do their work. Giving users full administrative rights to their computers, or access to data and resources not directly required to do their work, significantly increases the risk of the company's critical or confidential information being compromised.
Bucaro TecHelp
Network Security Through the Principle of Least Privilege

In network security, the term "privilege" refers to a user's ability to access certain data and resources, and their ability to make configuration changes to a computer or the network. The "principle of least privilege" means giving a user only those privileges which are required to do their work.

Some administrators, being very busy and tired of being pestered by users, will simply grant full administrator privileges to many users. In fact, it's very common for administrators to give laptop users full administrative privileges to their computers. This allows the users to install hardware or software on their laptops.

When a user's account allows them to install software, it also allows them to inadvertently install malware. And that malware receives the same administrative rights as the user. Although there may be valid reasons to give users administrative rights to their computers, this significantly increases the risk of the computer being compromised, and these risks can affect many areas of an organization's operations.

It's important for system administrators to understand the logon process. When a user logs on to a computer, the operating system authenticates the user's credentials and starts an instance of the Windows desktop. This desktop runs in the user's security context, with the logged-on user's access rights and permissions. Any viruses or spyware on the computer also receive that user's security context, access rights and permissions.

If a user logs on and authenticates as a member of the local Administrators group, any program that the user starts will run with full administrator rights to that computer. Administrative rights allow the user to carry out the following actions:

• Install, run, and uninstall programs.
• Install and uninstall device drivers.
• Install, start, and stop services.
• Install, start, and stop processes.
• Create, modify, and delete registry settings.
• Replace operating system files.
• Configure firewall settings.
• Control event log entries.
• Access the Security Accounts Manager (SAM).

Because a user with administrative rights can make these system-wide changes, so can any program that a user with administrative rights runs, including malicious software. For the majority of computer users, these rights are unnecessary and significantly increase the risk to the computer.

If a user logs on and authenticates as a standard user, they can access only a reduced number of resources and are able to make changes to only particular areas. Standard user rights allow the user to carry out only the following tasks:

• Run programs.
• View the status of device drivers.
• View the status of services.
• View running processes.
• Create, modify, and delete registry settings only within HKEY_CURRENT_USER, and read registry settings in HKEY_LOCAL_MACHINE.
• Read most operating system files.
• View firewall settings.
• View system and application log entries only.

Users can still carry out tasks that are required for them to do their jobs, such as attach to a wireless network, install signed Plug and Play drivers, and change desktop settings.

During installation, Windows 7 creates a default administrator account named Administrator. This account is not associated with any password and is disabled by default. The installation then requests a user name and password, which it uses to create the first account; this account joins the Administrators group. It is equivalent to the original built-in Administrator account, except that when it is used to perform administrative-level functions it is prompted by User Account Control (UAC). From this account you can create and manage all other user accounts.

It is recommended, even if there is only one user of the computer, that you create a second, standard user account for daily use. This standard user account will not allow malware that finds its way onto the system to receive administrator rights, thus creating a higher level of security. If you should require administrative privileges for managing the system, you can always log on with the first account.
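
A read-only way to check the points above on a machine, added here as an example and not taken from the original article: it lists who holds local administrator rights, flags members you did not expect, and reports whether the current session is elevated. It assumes Windows 10 / Server 2016 or later, where the LocalAccounts cmdlets are built in; `$ExpectedAdmins` and the two function names are hypothetical.

```powershell
#Requires -Version 5.1
# Added example: least-privilege audit of the local machine (makes no changes).
# Assumes the Microsoft.PowerShell.LocalAccounts module is available.

# Hypothetical allowlist: accounts you EXPECT to hold local admin rights.
$ExpectedAdmins = @("$env:COMPUTERNAME\Administrator")

function Test-IsElevated {
    # True only when the current process token has the Administrators group
    # enabled. Under UAC an admin's unelevated session returns False.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-LocalAdminReport {
    param([string[]]$Allowlist)

    # S-1-5-32-544 is the well-known SID of BUILTIN\Administrators; using it
    # avoids depending on the localized group name.
    Get-LocalGroupMember -SID 'S-1-5-32-544' | ForEach-Object {
        # Resolves only for local user accounts; domain accounts and groups
        # leave $user empty, so Enabled stays $null (unknown) for them.
        $user = Get-LocalUser -SID $_.SID -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Name       = $_.Name
            Source     = $_.PrincipalSource
            Enabled    = if ($user) { $user.Enabled } else { $null }
            BuiltIn    = $_.SID.Value -like 'S-1-5-21-*-500'  # RID 500
            Unexpected = $Allowlist -notcontains $_.Name
        }
    }
}

$report = Get-LocalAdminReport -Allowlist $ExpectedAdmins
$report | Format-Table -AutoSize

if (Test-IsElevated) {
    Write-Warning 'Session is elevated: programs started from it inherit administrator rights.'
}

# Disabled accounts (such as the default built-in Administrator) are not flagged.
$report | Where-Object { $_.Unexpected -and $_.Enabled -ne $false } | ForEach-Object {
    Write-Warning "Unexpected member of Administrators: $($_.Name)"
}
```

Run it from the standard user account used for daily work; listing group membership does not require elevation, and an empty warning list means only the expected accounts hold administrator rights.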

Copyright©2001-2016 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268