It is obvious: Less admin privileges reduces the risk of successful attacks. This is not really news, isn’t it? That this reduces the attack surface dramatically, well, not new either: Time to drop unnecessary admin privileges
What I am really wondering: We are all talking about Bring Your Own Device scenarios, where it is to be expected that the user is local admin, no? Do we need new and different approaches to protect our environment? Should we not work on architectures making the environment more resilient against compromised machines as they will be, anyway?
- Admin rights key to mitigating vulnerabilities, study shows (zdnet.com)
- Removing Admin Rights Could Block 92 Percent of Critical Microsoft Vulnerabilities (news.softpedia.com)
- The simple way to stop serious Microsoft software flaws? Take away ‘admin’ rights (networkworld.com)