Unnecessary admin accounts behind malware risks

By being more discriminate in doling out administrator accounts, chief security officers (CSO) can significantly lower the risk of their organization’s network being infected by malware, according to a recent study.

An administrator account typically allows computer users to modify other accounts, install and delete software and files as well as change network settings. Many malware that find their way into a computer can provide hackers these privileges if they happen to break into a machine with an administrator account.

That is why IT departments should provide users with just enough rights to enable them to “effectively perform their role,” said Andrew Avanessian, vice-president of professional services for enterprise security vendor Avecto.

He said a recent study by Avecto indicates that by restricting desktop and laptop users to standard accounts when that is all they need significantly reduced the risk of malware of infection since hackers that gain access to their machines need to find other ways to gain higher privileges.

The study analyzed software vulnerabilities reported by Microsoft in 2013 and found that nine in 10 rated as “critical” could have been mitigated by removing administrator rights. The same findings were found for Windows, Internet explorer and Office vulnerabilities.

Avanessian said that even when a person is the only user of a computer, that person would be better off being signed in as a standard account holder and switching to an administrator account when the need arises.

Read the whole story here

Nestor E. Arellano
Nestor E. Arellano
Toronto-based journalist specializing in technology and business news. Blogs and tweets on the latest tech trends and gadgets.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web