Remove PC User Rights, Reduce Windows Bugs
When Windows users sign on as a user, not Administrator, your security improves greatly. Remember the company, not the user, owns the computer and decides how it's used.
View full article »
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
Preaching to the Choir
Yes most IT professionals know this and attempt to implement, however unless you are working for an IT firm upper level management are not IT professionals. Since Management has the final say on computer configuration and all the IT/IS department can do is give a logical arguement on why not give local administrative rights to user. Most upper level management will not agree and inform the department to configure with administrative rights for all users. Even after pointing out the Computer World article I was informed that we are to continue giving full administrative rights to users.IT professional know better but we are still at the mercy of upper level management.
A tough one
As a power user, I somewhat disagree with the author of this article and the article itself.Yes, I agree that the computer belongs to the company and not the user, however not all departments within the company should be configured the same way.
For non-technical users, yes, take away whatever is non essential, but think about a quality control department. Taking away admin privileges will only hinder a normal worday.
I'm assuming that all employees are "professionals" and not 'solitaire-players'
My two cents.
Removing admin rights does NOT reduce window bugs
Removing admin rights certain results in less occurances of users creating problems. But a bug in Windows is a bug in Windows. At best, removing admin rights may reduce the number of people who encounter some bugs, because they can no longer access certain types of features of the machine.Note, however, that removing admin rights either has to be accompanied by a policy that staff are not permitted to be productive, or an increase in the number of staff who DO have the admin rights, so that productivity software can be installed on the desktops.
There are no free lunches. Many vendors release software which require admin rights to install. Either the company refuses to use the major software packages in the market (including those by Microsoft), or the company developes the procedures to submit requests for installations, updates, removals, etc.
While it is tempting to establish policies that restrict software installation, by doing so, you defeat the very reason that computers were brought into the company - to accomplish work efficiently.
Removing rights lets the people who know the job do the job
and all the Engineers, Marketing people, Operations and sales can do what they do best, which is engineer, market, run the operations and sell.The problem is that any two-bit PC owner thinks they can do the job of IT, they think the PC is their home system and they don't have the proper training to run a business level Computer environment. What if IT came in and started telling Marketing how to market or Sales how to sell?
I am removing admin rights at this time and I dare anyone to make a noise about it. As soon as they do, I will show their management the 1. number of tickets we have from software installs that mandate a high number of IT staff, and 2. the inventory of non-business related software on the company PC that person is using which means they are wasting time and money on non-company business.
If people feel the need to install software on a system that is the key to them being productive and as soon as it breaks because of that unauthorized install they come a runnin' to IT with the expectation that we have to drop everyone else's issue and focus on them shooting themselves in the foot, then they should have their admin rights removed.
This is, of course, with the approval of management that I craftily had them approve with an internal SLA and with a slow economy, hiring more people is not an option.
I agree with the article
I'm a computer consultant. I attempt to convince my clients to setup their users as a non-admins. I believe this one practice is the single best security move they can make. Most have heeded my advice, have fewer problems, and lower support bills to prove it. I have one client that hasn't had a virus or spyware related support incident in over three years. I think that alone should be incentive enough to consider this approach. Yes, the users will balk but it's a company system. The threats are coming at them every day and installing software/upgrades is an occasional process. Also this let you truely decide what software will be on the system. So you don't have to consistently monitor/remove undesired software.Macintosh?
It appears Gaskin has no experience with Apple Macintosh nor the MacOS. The security design of MacOS is far more robust than the elderly, rickety security 'framework' that Microsoft doggedly clings to. Gaskin should visit a Apple store and discover what so many other companies have discovered: there are viable alternatives to Microsoft Windows that CAN run MS Office perfectly well while dramatically reducing the incidence of security problems. I recommend Gaskin visits an Apple store to become more acquainted with this product.婚活
アラフォーでも間に合う大注目の結婚相談所http://www.bbsroom.com/cgi-local/diary/diary.cgi?room=sasaruo
http://free2.nazca.co.jp/mk26/sasaruo/
http://www.21styles.com/mybbs/sasaruo/index.html
http://asp.atomicweb.co.jp/id/sasaruo/bbs/
http://sasaruo.bbspace.jp
http://sasaruo.bbspace.jp/Bo-Top?start=1&b=141742&sessionid=ABj2xGB
http://www.chibiao.com/type_nka/nka2/sasaruo98/kauth.cgi
http://u-bbs.com/m/sasaruo/
http://bbs.jp-net.ne.jp/01/01/sasaruo.html
http://ppp.atbbs.jp/sasaruo/
http://pv-board.com/s1/sasaruo98/index.html
http://pokebi.jp/bbs.php?id=sasaruo
http://123bbs.jp/sasaruo/
http://bbs1.xiz.cx/?i=sasaruo
http://bbs.kodama.com/bbs/sasaruo
http://iricon.net/bbs_a/sr3_bbss.cgi?cat=33sasaruo
http://bbsss.net/sasaruo/
http://a1.wtakumi.com/bbs.cgi?id=sasaruo
http://bbsee.info/sasaruo
http://myboard.jp/list.php?id=sasaruo
http://a.viewst.jp/sasaruo/
http://bbs.j-banana.net/free_bbs/bbs.cgi?room=sasaruo
http://star.gakupani.net/usr/sasaruo/bbs.cgi
http://yy2.ziyu.net/yy/sasaruo.html
婚活
アラサーやアラフォーからでも間に合う婚活を結婚相談所やお見合いで婚カツをして結婚をするのが今大注目http://iricon.net/bbs_a/sr3_bbss.cgi?cat=33sasaruo
http://11766.myday.fm/
http://123bbs.jp/sasaruo/
http://14528739.at.webry.info/
http://a.viewst.jp/sasaruo/
http://a1.wtakumi.com/bbs.cgi?id=sasaruo
http://advenbbs.net/index.html
http://ameblo.jp/sasaruo
http://asp.atomicweb.co.jp/id/sasaruo/bbs/
http://b.cgiboy.com/Res/BBS/sasaruo/
http://b.koroweb.com/sa/user/sasaruo/
http://b43.chip.jp/sasaruo/
http://b5.spline.tv/sasaruo/
http://bbs.avi.jp/457420/
http://bbs.j-banana.net/free_bbs/bbs.cgi?room=sasaruo
http://bbs.jp-net.ne.jp/01/01/sasaruo.html
http://bbs.kodama.com/bbs/sasaruo
http://bbs1.xiz.cx/?i=sasaruo
http://bbs4.aimix-z.com/topic.cgi?room=sasaruo
replica bags
Your comments on this question are pertinent replica bags .And people always do things like and they don't know what they replica handbags are doing at the same time .It is a really common fault .