Few years back, I was working in development center. Every developer wanted to have full system rights to install everything they want. End result was lots of system failures, viruses, Trojans & what not on the network.
Giving users limited access to system by making sure all application functionality work was a difficult task. At that time I read few articles on the topic. (Read my comments & input on the topic at the bottom of these articles)
Keys to the Kingdom – http://mcpmag.com/articles/2003/10/28/keys-to-the-kingdom.aspx
Local Admin Rights, Right or Wrong – http://mcpmag.com/articles/2003/11/11/local-admin-rights-right-or-wrong.aspx
Since then Microsoft has done a lot of development in making sure applications work with limited-user access. Least-Privilege to User Accounts (LUA) has benefits of increased security, manageability, productivity, reduced cost & reduced privacy.
Check these articles for more details on the topic.
- Applying the Principle of Least Privilege to User Accounts on Windows XP
- Using a Least-Privileged User Account
- Browsing the Web and Reading E-mail Safely as an Administrator
- Running with Special Privileges
- Aaron Margosis’ Non-Admin Blog
- levating privileges for an administrator
One Response
Adding these posts on the same topic.
Anti-virus vs. Non-Admin
http://blogs.msdn.com/b/aaron_margosis/archive/2006/06/02/614226.aspx
BeyondTrust Report on Removing Administrator
http://taosecurity.blogspot.com/2010/04/beyondtrust-report-on-removing.html
Admin rights underpin many Windows exploits, analysis finds
http://www.pcworld.idg.com.au/article/383052/admin_rights_underpin_many_windows_exploits_analysis_finds/