Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.

If end users are being granted local administrative rights to enterprise end-user devices, stop this practice right now. The security holes and support nightmares created when users are allowed to download software and modify configurations are reason enough to ban this practice outright.

Admin Rights Will Hurt You

Excuses abound for granting end users local administrative rights on PCs and other end-user devices. The leading reason cited is that administrative rights bring increased flexibility in meeting business needs. In a managed enterprise environment, this so-called “need” is rarely, if ever, justifiable when weighed against the potential costs:

  • Compromised network security caused by increased vulnerability to malware and intrusion, and overall decentralization of security control.
  • Violation of legal or regulatory mandates (including copyright law), which can result in fines and imprisonment.
  • Support of different, non-standardized desktop images and applications, which greatly complicates IT support and maintenance efforts.

Related Content

Hide Details

Search Code: 4868
Published: September 2, 2008
Last Revised: September 2, 2008


Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.