Build a zero-trust model by first killing local admin rights. Why you should never have local administrative rights to your PC

Do you have local admin rights on your PC?

Team Metalogic founder & CEO, Mike Parfitt, about the risks of Local Admin Rights: “We have seen Trojans execute six-figure wire transactions and major banks deny responsibility. We’ve had multiple networks crippled for days – even weeks.”

There are several reasons employees may ask for local administrative rights, or the ability to download software on their workstations, with convenience and expediency topping the list.

However, business owners may not fully understand the risks of local administrative rights: the more people and time spent working on desktops with local administrative rights, the greater the chance that malicious software exploits a weakness.

And it only takes a single weak point on the entire network for malicious software to take hold and spread like wildfire.

With local administrative rights, the security controls used to protect a company’s systems including password controls, anti-malware software, and similar tools, can be shut off. Granting local admin rights risks the installation of unapproved software, breaking business-critical applications and causing disruption and downtime.

Local admin rights will also expose a company to malware, including a number of different phishing scams that can deliberately run code on systems with full permissions if someone inadvertently clicks on a malicious link or opens infected email content.

Today’s malware is harder to detect and uses sophisticated social engineering that can leave most people unaware of the problem before it is too late. No matter how advanced or how expensive the multiple layers of security may be for an organisation, there will come a time where something malicious makes its’ way through all of them and is facing a user on the screen.

At that point, our last line of defense is the user themselves, the ‘human firewall’. But they too are not infallible and will likely click the link, open the file, or grant permissions, resulting in the malicious software executing on their system. Without local admin rights, malicious software can go no further. A final safeguard in ensuring the malware does not infect individual systems, networks, and then entire businesses.

According to Mike Parfitt, “We have seen Trojans execute six-figure wire transactions and major banks deny responsibility. We’ve had multiple networks crippled for days – even up to 2 weeks – because of a virus inadvertently installed on a person’s machine, which then replicated as an auto-run on the file server, then spread to every machine that touched the file server. It also used peer-to-peer methods exploiting machines that did not have a patch applied.”

He went on to explain, “IT best practices dictate that employees are no member of staff is given local administrative rights, regardless of their position.

"At Team Metalogic, an IT support provider with professionals and cyber-security experts, we do not even run with local admin rights… it’s just too dangerous in today’s threat landscape to even consider it.  Auditors also frown upon the practice because of its inherent risk. At Team Metalogic, we install software updates and patches weekly to protect our customers.

"However, the system is only as strong as its weakest link. By allowing local administrative rights, companies expose themselves to malicious attacks and the risk of losing time, data, and money.”

To find out how your cyber-security posture stands up against today’s threats, call us today about our IT support on 0345 521 0618 or email hello@teammetalogic.com

Share this page

Insider Threats Are Getting More Dangerous - Here's How to Stop Them

Insider attacks are skyrocketing, and so is the cost to recover from them. We’ll tell you what types of threats constitute an 'insider threat' and how to safeguard your network to lower your risk.

Find out more

Everything You Need to Know About Microsoft Viva Sales

Salespeople spend approximately 34% of their time on administrative tasks. Microsoft has a goal to change that using Viva Sales. We’ll tell you all about this upcoming new sales application.

Find out more

Better Digital Offboarding of Employees

20% of surveyed businesses have experienced a data breach connected to a former employee. Are you properly disconnecting former staff? Learn tips for better digital off-boarding.

Find out more

Security Tips for Online Festive Shopping

The holiday shopping season is in full swing. So are phishing, fake websites, and credit card scams. Learn 9 security tips for online holiday shopping before it’s too late!

Find out more

Wondering if we have the right solution for you?

We’d love to talk

Request a call back

We use cookies to personalise and enhance your experience on our site and improve the delivery of ads to you. Visit our Cookie Policy to learn more. By clicking 'accept', you agree to our use of cookies.