Earning the privilege: Privilege management

Share this article:
Earning the privilege: Privilege management
Earning the privilege: Privilege management

With Windows 7 migrations in full swing, few would argue the advantages of a strong privilege management solution for IT. A recent vendor survey shows a 463 percent jump in demand to implement privilege management among companies moving this year to Windows 7. Sixty-three percent of respondents consider it critical to manage administrative privileges for end-users to ensure security and reduce vulnerabilities. 

When users don't have local administrator rights, they can't make changes that destabilize the system, or require extra support to correct the problems they accidentally create. Additionally, a locked-down system is less susceptible to malware. 

But by its very name, a “personal computer” is generally seen by a user as “my device.” Many organizations allow users to run with local admin rights simply because it's too difficult to keep systems locked down. 

But removing admin rights is only a part of the fix. There are legitimate situations that require elevated privileges for users to accomplish their jobs. What companies really need is a way for users who need those rights to gain those privileges smoothly. 

How do you accomplish that? A strong privilege management solution needs to take individual and collective user needs into consideration. Users have a set of things they do to get their jobs done, and they expect to be able to perform their necessary work without IT intervention. If users have been able to perform certain tasks on their own in the past, they are naturally going to expect that right to still be in place after a desktop lockdown happens. 


Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in Features

Sign up to our newsletters

More in Features

Case study: Big LAN on campus

Case study: Big LAN on campus

A university rolled out a wireless network, but was hampered with a user-support problem...until a solution was found. Greg Masters reports.

2014 Women in IT Security: Stacey Halota

2014 Women in IT Security: Stacey Halota

When she stepped into the job of vice president of information security and privacy at Graham Holdings Company in 2003, Stacey Halota had to carve out new territory because her ...

What's sex got to do with it?

What's sex got to do with it?

Harassment has no place in the security industry. Neither do sexism or discrimination. But, there they are. It's time for infosec to just say no, reports Teri Robinson.