“Carte blanche” is a fun term to say, but toss it into a sentence about your information security and suddenly it foretells some bad repercussions: “we gave our employees carte blanche access to their workstations, and now we’ve got more viruses than a CDC laboratory.” Sounds bad, doesn’t it? That’s because it really is.
Allowing users full discretionary power over their computers is dangerous — for a whole host of reasons. Of course, none of these reasons are meant to suggest that an employee will not use their admin access wisely. Even someone with the best of intentions can accidentally do something that puts your network environment at risk, and the problem lies in the privileges that local administrative rights give users. With admin rights, users have the full ability to download, install, and execute unapproved programs without managerial oversight; configure system settings, including rolling back security changes and editing the registry, which could lead to an unstable OS and slow-downs; and finally, view and edit any file on the computer, including those belonging to other users if the workstation is shared — a definite internal security risk. Keep in mind, these three things are only the greatest hits.
Of prime concern is the ability to download any piece of software a user wants. In the worst-case scenario (which is, sadly, an all too common one), the application’s executable was playing host to malware. Fun as they are, piggyback rides aren’t great when the result is you having to spend thousands of dollars to root out a network-wide rootkit, along with all the downtime that would result. Even worse is having to deal with the financial burden of replacing infected servers and desktops company-wide. These costs can be such a massive burden to smaller operations that they could even put them out of business, which makes prevention strategies that much more crucial to long-term business planning.
As the uncle of a particular teenage superhero is fond of saying: “with great power comes great responsibility.” There’s a lesser known version of that quote, however — so unheard because we literally just came up with it — which says that “with great power comes the ability for malware to use that power and install itself without a user knowing.”
It’s not as catchy.
By giving an employee admin rights, you also give those same rights to any malicious program infecting the system. Once there, it can spread with ease across your IT ecosystem. You might be thinking, “but doesn’t a user need to click something? Like, to make the malware install?” The answer to that question, as it seems to be with much of life, is sometimes. Some malware does require minimal user interaction; some is fully capable of installing and propagating on its own.
Now that the malware has wriggled its way into your System32 folder, it can take full advantage of the admin rights you gave your employee and modify settings, do not-so-great things to any local company files, and punch a wider hole than you could ever imagine through your wall of security.
The flipside of this coin is a user with limited permissions, and it’s this group of users that is built around one of the central doctrines accepted by all information security experts: the principle of least privilege (PoLP).
PoLP as a policy states that users should be given the absolute minimum level of permissions they require to properly do their job. The more privileges given, the greater the responsibility, and thus the greater the overall risk. In fact, studies have shown that companies can mitigate the effects of more than 80% of all critical Microsoft security vulnerabilities (in some studies, it’s upwards of 95%), simply by removing admin access rights. Those are some huge numbers!
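As an added example (not part of the original article), this PowerShell function audits a workstation’s local Administrators group against an allowlist, which is the first step in removing admin rights from end users. The `CONTOSO\...` names are placeholder assumptions; the cmdlets come from the built-in Microsoft.PowerShell.LocalAccounts module.

```powershell
# Added example: report local Administrators members that are not on an allowlist.
# The allowlist entries below are hypothetical placeholders; replace with your own.
$ApprovedAdmins = @(
    'CONTOSO\Domain Admins',
    'CONTOSO\Workstation-Support'
)

function Get-UnapprovedLocalAdmin {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string[]]$Approved
    )

    # S-1-5-32-544 is the well-known SID of BUILTIN\Administrators. Using the
    # SID instead of the name keeps the check working on localized Windows.
    $members = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop

    foreach ($m in $members) {
        # The built-in Administrator account always has RID 500; it is
        # handled by separate policy, so it is skipped here.
        if ($m.SID.Value -match '-500$') { continue }

        if ($Approved -notcontains $m.Name) {
            [pscustomobject]@{
                Computer        = $env:COMPUTERNAME
                Name            = $m.Name
                SID             = $m.SID.Value
                ObjectClass     = $m.ObjectClass      # User or Group
                PrincipalSource = $m.PrincipalSource  # Local, ActiveDirectory, ...
            }
        }
    }
}

# Report only: list every account that holds admin rights without approval.
$findings = @(Get-UnapprovedLocalAdmin -Approved $ApprovedAdmins)
$findings | Format-Table -AutoSize

# Preview the cleanup. -WhatIf prints what would be removed and changes nothing;
# drop it only after the findings have been reviewed.
foreach ($f in $findings) {
    Remove-LocalGroupMember -SID 'S-1-5-32-544' -Member $f.Name -WhatIf
}
```

Running the report on a schedule also catches accounts that are quietly re-added after a one-off request.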
But what are the downsides of PoLP? The big one, really, is inconvenience. If you need to download something necessary to your job function, it can be a hassle to navigate the red tape of managerial bureaucracy, especially when it’s an application that will boost productivity. In these cases, users might try to circumvent a company policy of needing to ask for managerial approval first, instead jumping straight to pinging their lunch buddy in IT. Depending on how much leeway your own tech people have been given with regard to approval (ideally, they should have quite a bit), this creates the potential for a shadow IT department. (Comparatively, giving everyone admin access all but guarantees one.)
Sometimes, though, even just having to reach out to IT day after day can be an inconvenience. A good solution to this issue is setting up a standardized onboarding protocol for all new system users. This ensures that each new user has access to all of the programs and files that they will need to complete their work tasks from the get-go. It’s better to set them up for success from day 1 instead of trying to piecemeal a configuration together one download at a time and putting an unnecessary strain on your day-to-day IT resources.
Admin access is always a tricky subject, and you will inevitably have to deal with some amount of one-off requests and random necessities that could not be planned for ahead of time. But at the end of the day, regardless of the situation, admin access should not be shared with your end users. Truth be told, it’s not even recommended that we have everyday administrative rights on our home computers — the security risks are just too great. But that’s a discussion for another day.
Contact JNT TEK to establish an Admin Access security policy and management process that protects your company and your employees.