Administrator privileges. It’s not a flashy IT-related topic that gets reported on a whole lot. Due to the critical role it plays in protecting your network, administrator privileges should be front and center with every company’s network security plan. Especially since a recent study was published relating the majority of Windows operating flaws to mismanaged administrator privileges.Here’s a summary of the study by the security firm Avecto, as reported by ZDNet:
The report said that removing admin rights could’ve mitigated more than 99 percent of flaws affecting Internet Explorer, which had a critical-rated flaw almost every month; and mitigated 82 percent of all vulnerabilities affecting Office. The company analyzed the entire batch of vulnerabilities in Microsoft’s monthly security patch update, dubbed Patch Tuesday, to see which flaws would be less impacted whose logged-in accounts “are configured to have fewer user rights on the system.” Out of the entire batch of vulnerabilities reported, 63 percent would be mitigated or unexploitable if admin rights were removed.
The most shocking find from the study is that concerning the Windows operating system, a solid 85 percent of all critical flaws within the OS can be plugged simply by removing administrator privileges. That’s a whole mess of problems that can be avoided if organizations simply take the time to establish and manage their network’s administrator privileges.
Think about it, there’s no benefit to your organization from giving all of your staff the ability to access all of your files. Every business has files on record that are sensitive in nature, like employee health records, payroll, and bank account information. Sensitive records like these must be protected by setting up airtight administrator privileges, and in some industries, failure to do so will result in hefty fines.
In addition to worrying about the administrator privileges of your staff, you’re going to want to be mindful of how hackers can manipulate administrator privileges. For example, an IT network with strict administrator privileges in place will deter a hacker who infiltrates your network from accessing sensitive files. You’re also going to want to be mindful and stay current with the administrator privileges that you’ve put into place; you wouldn’t want a former employee to retain their administrator privileges, and you need to protect yourself from hackers who successfully steal administrator rights.
In today’s digital age, it’s frightening how one oversight like this can open the door to so much trouble. However, by taking full advantage of a user management solution, you can minimize this risk–by as much as 85 percent!
Of course, managing your network’s administrator privileges is just one piece of the security puzzle. You’re also going to want to have in place secondary security solutions like firewalls, antivirus, spam blocking, and content filtering tools designed to prevent infiltration in the first place. Setton Consulting can implement all of these tools for you in one comprehensive solution, called a Unified Threat Management (UTM) tool.
To learn more about what it takes to tighten your company’s network security, give Setton Consulting a call at 212-796-6061.