Few people would argue that implementing least privilege provides considerable security benefits, as removing admin rights eliminates the accidental or deliberate misuse of these privileges. It is also well documented that running under least privilege dramatically decreases the risks posed by malware, as many exploits rely on the user having admin rights for the payload to have the most devastating effect.

In addition to the security benefits of least privilege there are also many operational benefits, as the cost of supporting the corporate desktop is dramatically reduced when the desktop is in a locked and well managed state. However, least privilege does bring its own set of operational challenges, which is why many organizations have struggled to embrace it. Click here to read more »