The topic of whether end users should be granted local administrator privileges is one that comes up often and can spark particularly heated debates. As a rule, almost all businesses deny this level of control for all users, a baseline strategy that, in general, can’t be faulted. Simply put, most employees do not have enough technology and/or security savvy to be given elevated rights. Given that, trusting them with the keys to their local machine kingdom is more than a little foolish.

Most users, however, are not all users. While restricting local administrator privileges by rule eases administrative overhead, granting them by exception can reduce that overhead even further.

The Case For Local Admin

When it comes to enterprise IT, the stakes keep getting higher. Businesses are deploying more platforms, more applications, more products, and more service offerings. In short, they are deploying more of everything technology-related. The one thing they aren’t deploying, however, is more technology staff. As a result, resources are stretched thinner than ever. To ease the pressure, something has to give, and one area where this can selectively occur is in basic desktop support.