This resource is no longer available

Applying the Principle of Least Privilege across the Enterprise: Locking Down Desktops by Removing Local Administrator

When users login to their computers with local administrator privileges they greatly increase the risk of security breaches by viruses, malware and malicious users. By removing administrative privileges and implementing the security best practice of Least Privilege these threats can be avoided and network security increased. Whether driven by security concerns, business needs or mandated by compliance standards, applying the Principle of Least Privilege is a prudent move for organizations. Eliminating unnecessary administrative rights protects against zero-day exploits, prevents unauthorized malicious use, and will increase productivity and compliance when correctly implemented. Unfortunately, organizations must often overcome hurdles before they can implement a least privilege environment. In addition to removing unnecessarily elevated privileges, companies must ensure that users can still run applications and perform tasks that their jobs require. Any implementation that results in a decrease in productivity will be quickly overridden. A variety of solutions for implementing least privilege are now in common use. While some of the solutions are more secure and easier to implement than others, all of them are preferable to an environment with no attempt to adhere to the Principle of Least Privilege.


Kevin Sullivan Director of Product Management, DesktopStandard Corporation As the Director of Product Management at DesktopStandard, Kevin Sullivan integrates market needs and emerging requirements to guide the direction and functionality of DesktopStandard products. Prior to joining DesktopStandard, Kevin was a key member of the Product Management team at Quest Software, and was a successful Product Manger for Aelita's Active Directory solutions. He is a Microsoft MVP (Windows Server – Group Policy), and with his experience in Active Directory enterprise management he brings broad perspective and in-depth understanding of customer needs to the product development process.
BeyondTrust Corporation
20 May 2008
01 Jan 2006
10  Page(s)
White Paper

This resource is no longer available.