While it is not one of the flashier IT topics to discuss, the issue of administrator privileges.is critical to your agency’s network security plan. In fact, one recent study found that the majority of Windows operating flaws were due to mismanaged administrator privileges.
Here’s a summary of the study by the security firm Avecto, as reported by ZDNet:
The report said that removing admin rights could've mitigated more than 99 percent of flaws affecting Internet Explorer, which had a critical-rated flaw almost every month; and mitigated 82 percent of all vulnerabilities affecting Office. The company analyzed the entire batch of vulnerabilities in Microsoft's monthly security patch update, dubbed Patch Tuesday, to see which flaws would be less impacted whose logged-in accounts "are configured to have fewer user rights on the system." Out of the entire batch of vulnerabilities reported, 63 percent would be mitigated or unexploitable if admin rights were removed.
The most shocking find from the study concerns the Windows operating system; a solid 85 percent of all critical flaws within the OS can be plugged simply by removing administrator privileges. That’s a whole mess of problems that can be avoided if organizations simply take the time to establish and manage their network’s administrator privileges.
There's no benefit to your organization's giving all of your staff the ability to access all of your files. Every business has files on record that are sensitive, like employee health records, payroll, and bank account information. They must be protected by setting up airtight administrator privileges; failure to do so can result in hefty fines.
In addition to worrying about staff administrator privileges, you'll want to be mindful of how hackers can manipulate administrator privileges. An IT network with strict administrator privileges in place will deter a hacker who infiltrates your network from accessing sensitive files. You’re also going to want to stay current with the administrator privileges that you’ve put into place; you wouldn’t want a former employee to retain their administrator privileges.
In today's digital age, it’s frightening how one oversight like this can open the door to so much trouble. However, by taking full advantage of a user management solution, you can minimize this risk by as much as 85 percent!
Of course, managing your network’s administrator privileges is just one piece of the security puzzle. You also need secondary security solutions like firewalls, antivirus, spam blocking, and content filtering tools designed to prevent infiltration in the first place. SMART Services can implement all of these tools for you in one comprehensive solution.
To learn more about what it takes to tighten your company’s network security, give us a call at (586) 258-0650.