Avecto Blog

Few people would argue that implementing least privilege provides considerable security benefits, as removing admin rights eliminates the accidental or deliberate misuse of these privileges. It is also well documented that running under least privilege dramatically decreases the risks posed by malware, as many exploits rely on the user having admin rights for the payload to have the most devastating effect.

In addition to the security benefits of least privilege there are also many operational benefits, as the cost of supporting the corporate desktop is dramatically reduced when the desktop is in a locked and well managed state. However, least privilege does bring its own set of operational challenges, which is why many organizations have struggled to embrace it. Click here to read more »

Desktop lockdown shouldn’t hinder a user from performing their day to day role, so here are 5 tips to achieve flexible desktop lockdown.

1. Implement Least Privilege

If you are serious about desktop lockdown then you really need to adopt least privilege. If users are logging on with admin rights (or power user rights) then locking down the desktop becomes an almost impossible and thankless task.

If the only thing stopping you from implementing least privilege is that users need to run problem applications, perform basic admin tasks, such as connecting printers, or install approved software, then consider a privilege management solution. Privilege management solutions enable individual applications to be elevated under a standard user account, making it possible to remove admin rights from users. Click here to read more »