Monday, April 5, 2010

More Secure Computing 1: Don't Run Your Computer as "Administrator"

by Chad Haatvedt, KAXE's IT Connection

One of the most important security measures users can follow to protect their computers from outside attacks is the concept of "least privilege". This means, use an account on the computer configured as an ordinary user with only those rights and permissions you need to get your work done and no more.

For example, for most day to day work on your computer, you do not need to install software, configure network settings, customize your web browser, add/remove hardware, etc. You just need to browse the web, write documents, edit files, and other non administrative tasks. The least privileged user on an XP system is able to do these functions.

However, if you are using Windows XP at home or at work, it is likely that the account you log into your computer with has full administrative privileges. (This is especially true if you are not required to log into your computer. If it just starts up, you are the administrator.) Accounts with administrator privileges have the rights to fully control nearly all aspects of the operating system and software on the computer.

So, you may ask, what's the big deal? Why not have administrator privileges on my account?

The answer is really quite simple. If you are browsing the Internet, or reading emails, and you come across a site/message that has a nasty payload, that bad page or infected message has the same control over your computer as your current account. So, if you are logged in as a user with administrator rights, and you hit a web page with malware scripts to install software to your computer, it's likely to succeed.

But, if you are operating as a user that does not have rights to install software, and hit the same page with malware on it, it is less likely to successfully exploit your system. Is it bulletproof? No, but it will thwart some (many) attacks.

There are some drawbacks in operating with less than administrator rights, most notably the need to switch user accounts to perform tasks that require higher privileges. But it's worth the hassle to help protect your system.

I especially recommend this route for shared computers. If you want to keep that computer running smoothly, don't let everyone have full control of the computer. Set it up with printers, software, networking, etc, and then create "user" accounts for everyone. They'll have what they need to run the computer, but will need to ask permission or request your help to make significant changes.

Don't forget to keep the Administrator password handy, because if you lose it, it's a pain to get control of the system without it.

You can learn more about configuring accounts in Windows XP here.

Windows Vista and Windows 7 Provide More Protection
These operating systems provide users with a little more security by separating elevated privileges from regular user accounts. Windows Vista/7 employs a process called User Account Control that lets you operate as a regular user, but prompts you for credentials to authenticate with elevated privileges to perform certain operations. While this is not a perfect system, you should not bypass or try to circumvent it.

No comments: