Unconvinced about the importance of removing user admin rights? Read on for some compelling reasons why user privileges should be at the top of your security agenda in 2014.
We’ve been analyzing the regular security updates issued by Microsoft in 2013, issued each month on “Patch Tuesday”, to determine the effect of admin rights for mitigating known Microsoft vulnerabilities. The findings highlight the huge number of vulnerabilities that are greatly lessened in environments where there are no privileged users.
Key findings from the 2013 Microsoft Vulnerabilities Report show that:
- Of the 147 vulnerabilities reported by Microsoft in 2013 with a Critical severity rating, 92% were concluded to be mitigated by removing administrator rights
- 96% of Critical vulnerabilities affecting Windows Operating Systems could be mitigated by removing admin rights
- 100% of all vulnerabilities affecting Internet Explorer in 2013 could be mitigated by removing admin rights
The findings are shocking, and yet not altogether surprising. Analysts such as Gartner and IDC, as well as industry experts and security gurus have been talking about the importance of removing admin rights for some time. Here at Avecto, we’re talking to businesses about this every day. The issue of admin privileges cannot be ignored, and it’s not going away.
What’s often surprising is the number of businesses that still don’t understand the scale of the issue – or even how many local or sys admins exist within their organization.
Without user admin rights, any malware threat is contained and prevented from infiltrating the corporate network where it can inflict the most damage. And without excessive privileges, internal users don’t have the access to protected data, reducing the risk of insider threat. How many admin accounts in your business are creating a window of opportunity for internal and external attack?
Working with a provider that specializes in Windows privilege management to assess the landscape of admin rights in your business could be first step towards securing your business-critical data in 2014. And for those that have already migrated to Windows 7 or 8, or are mid-way through a migration, ensuring the environment remains free of unnecessary admins is the only way to retain control, and the upper hand, against targeted attacks.
Importantly, XP will be the noticeable absence from Microsoft’s Patch Tuesday’s bulletins from April. In fact, a patch for a Windows XP zero-day flaw was included in its January 2014 Patch Tuesday security update, with notable bloggers calling for businesses to “make the most of the updates while you can. With the countdown towards XP expiration, it’s likely that hackers too will be specifically targeting businesses running XP, as the lack of support will result in plenty of security vulnerabilities that are easy to exploit.
It’s clear from these findings that removal of admin rights is still the key for reducing risk in 2014, and beyond. I would encourage any business to take a closer look at their user privileges today.