Security Basics mailing list archives
Re: admin privileges and trojans
From: souledoutuk () gmail com
Date: 29 Nov 2006 17:07:03 -0000
Hi there, One good argument for not giving users admin rights is that they install ANYTHING that asks regardless of what it is. It also means when they use their company equipment to surf pr0n or download mobile phone ringtones, all the driveby spyware downloads get unlimited access to everything on the PC. If the user is a domain admin, the entire company network is compromised. This can result in legal quagmire for the company and potential losses aren't just limited to financial... reputations, customers and staff will all be affected too. Any security companies you use will probably have whitepapers on this subject. Penentration testing is also a good way to go as admin rights is part of that. I often dumb down the examples for management and say things like "why give everyone keys to the office safe when the company Secretary is responsible for it". Hope this helps. I can babble about IT security and management until the cows come home so feel free to drop me a mail if you want a few more ideas. cya, SouledOut
Current thread:
- admin privileges and trojans W W (Nov 29)
- <Possible follow-ups>
- Re: admin privileges and trojans souledoutuk (Nov 30)