This article covers the five top reasons why running server administrators with full admin rights no longer represents an acceptable level of risk, and explains why the principle of least privilege allows you to free sysadmins without security risk.
The world of desktop security has experienced a revolution. Respected consultants such as Gartner have become increasingly vocal in their firm recommendation that organizations should minimize the use of administrative rights.
Migration away from Windows XP has acted as a catalyst for the standard user revolution as global organizations adopt the principle of least privilege, delivering what's commonly referred to as the 'least risk' environment.
But server administrators (sysadmins) are surely a different kettle of fish: these are trusted, tech-savvy individuals who need to have the 'keys to the kingdom' in order to complete their job roles efficiently and effectively, right?
Here are five good business reasons why allocating admin rights to server administrators is neither acceptable or necessary in a secure and operationally sound enterprise environment: