The Essentials Series: Eliminating Administrator Rightsby Greg Shields
Too often in todayâ€™s IT environments the solution for difficult applications or difficult users is to simply grant them administrator rights and move along. Yet that accumulated distribution of admin rights, and the inappropriate actions and potential for problems that goes with it, eventually takes away ITâ€™s ability to control the environment. The problem with the Windows OS is that sometimes the only way to accomplish a needed task is with Administrator rights. With the right tools and techniques, no more. In The Essentials Series: Eliminating Administrator Rights, weâ€™ll talk about the issues with granting privileges and the ways to take them back. Youâ€™ll understand the concept of Least Privilege, the business benefits of eliminating excessive privileges, and the limitations youâ€™ve probably already experienced in todayâ€™s native solutions for privilege management.
Article 1: Understanding Least Privilege
Any discussion on the right-sizing of administrative privileges starts with a solid understanding of how Least Privilege works. This article will define Least Privilege and discuss why simply handing out Administrator privileges doesnâ€™t provide the necessary levels of granular control.
Article 2: The Business Benefits of Eliminating Administrator Rights
Once you understand the right ways in which rights should be assigned as learned in Article 1, your next job is in recognizing how their correct assignment benefits the business. In Article 2, youâ€™ll learn how the business benefits along the lines of operational, security, and compliance when admin rights are eliminated in favor of granular privilege assignment.
Article 3: Limitations in Native Solutions for Privilege Management
Tools are natively available today in the Windows OS that go only part of the way in achieving the goals of Least Privilege. But each of those tools remains too coarse in rights assignment. In Article 3, youâ€™ll learn about those native tools and read about the critical omissions in how they assign privileges to users and applications.