Ensuring desktops are secure is a priority for nearly all companies. This is fueled by an increased recognition of the threat unsecured desktops pose, as well as a need to meet compliance regulations. However, most companies have struggled with implementing security solutions that truly protect desktops from the myriad of threats today. Removing administrator rights from end users when they log into their desktop is the Holy Grail of desktop security. Implementation of this level of security has been difficult due to the fact that ordinary activities an end user needs to do for their job, such as running certain applications, performing authorized installations, or managing certain desktop settings require users to have administrative privileges. These limitations have caused many organizations to continue to allow users to run with local admin privileges.
The good news is that the technologies exist to eliminate the need for end users to have administrative privileges on their desktop to perform their job tasks. This paper presents the benefits or removing admininstrator privileges from end users, the combination of technologies needed for effective implementation of this level of security, and how to best remove local admin privileges, while maintaining the users’ access to all applications.
Introduction
Everyone knows the story about corporate desktop security. If you ask 100 different companies about their end user desktop security, you will find that over half don’t have any security beyond the ubiquitous and all too ineffective firewall and antivirus software. While three-quarters of the companies are actively trying to improve their desktop security, they feel as if they don’t have a viable solution. This is how it has been for a longtime in corporate America.
Unfortunately, it is still the same story in corporate America today. For many people searching for a security solution it is like trying to read a mystery novel for the 10th time, all the while hoping to find a different ending. Unfortunately, the story of corporate users using their desktop computer as Administrator has not changed, just as your novel will not write a new ending on its own.
The implementation of the Principle of Least Privilege and Least Privilege User Access (LUA) are solutions to users requiring administrative privileges on their desktop. The “LUA bug” is defined as the set of ordinary activities a user has to do in their course of business, such as running applications, performing authorized installations, or managing certain desktop settings that require users to have administrative privileges. This “LUA bug” has plagued corporate America since the onset of PCs on every desk. The good news is that there are solutions and LUA can be achieved, allowing corporations to greatly improve corporate desktop security. There are reasonably priced and efficient methods to provide a way for standard employees to use their desktop with “least privileges” and remove their need to run as Administrator. Using existing Microsoft technologies, combined with some third party solutions, the “LUA bug” can be exterminated and the ending to the story of corporate desktop security rewritten.
Principle of Least Privilege
The term Principle of Least Privilege has been thrown around for many years, many times over, and in many venues. It was defined best by the United States Department of Defense. The Department of Defense knows very well the ramifications of allowing users to run with excess privileges, as well as the benefits of having a user to run with limited privileges on their desktop. The Department of Defense defines the Principle of Least Privilege as:
“[The Principle of Least Privilege] requires that each subject in a system be granted the most restrictive set of privileges (or lowest clearance) needed for the performance of authorized tasks. The application of this principle limits the damage that can result from accident, error, or unauthorized use.”
