Transitioning Your Business to Least Privilege
You have been running a small business for a very long time. Unfortunately, your computer system hasn’t always had the best security that’s out there. All of your employees have always had full administrative privileges on your system, which means that everyone in the company had access to every detail of your business. After hearing about the dangers of this, you have decided to take those privileges away from those who do not require them and leave them in the hands of your IT department.
When you are switching over to least privilege, it can be a bit of a hassle. There are a few things that might get in the way, so it’s important to know what those are before changing over.
When transitioning over to least privilege, you’ll have to consider the applications that you have on your system. Oftentimes, applications aren’t able to function under a regular system account. Simply put, a lot of applications that are out there require the use of an administrative account before the person can continue with his or her task. Make sure that the applications your employees need to use can be used on a regular user account.
Then there is the problem of basic administrative tasks. If you have employees who are performing their own tasks, like defragmenting their work computer to make it run faster, not having an administrative account could pose a problem for them. It is your duty to ensure that your employees can still do the things that they need to do from a standard account.
From time to time, your company has to perform software installations or upgrades. If you don’t already have a system where these upgrades install themselves, but they have to be done manually by the user, you should consider that. Otherwise, it may be difficult to get into the computer to perform the installation or upgrade without administrative rights.
Does your company use Active X? That is another installation or upgrade that can be problematic when you’re transitioning to least privilege. While not allowing your employees to install Active X can protect your system, it can also be quite a hassle for your employees.
Implementing least privilege policies is something that all companies should consider. With the right password management software, your company could be protected. If you are thinking about eliminating administrative rights, take care of the aforementioned concerns first.