Oct 01, 2011
Unfortunately, user accounts with reduced privileges do not provide protection from attack, misuse, or compromise. Reduced privileges for end-users can only be regarded as one part of an effective security strategy that should not be solely relied on. Organisations should know the limitations of this approach to prevent them from getting a false sense of security and under-investing in complementary security layers.
This paper discusses the limitations of security by denying users administrative access to their systems, and highlights how cybercriminals can achieve their goals without administrative access.
• Limiting users' privileges on end-points it should not be seen as a replacement for vulnerability management and expedited patching of software
• Anti-virus or other protection technologies can?t replace vulnerability management and expedited patching of software
• Effective patch management is an absolute must to reduce the window of exposure and eliminate the root cause of potential compromise