Systems are complex enough without users making additional unauthorised and un-catalogued changes.
Logically, organizations should take five steps to keep things simple:
1. A strategy to implement the right type of security
2. Remove admin privileges from the majority of users
3. Give users the flexibility to use the line of business software that they need
4. Identify any users that may need additional rights to install approved software
5. Keep things as simple as possible, to remain secure, but ultimately enable the business to move forwards.
Introducing a least privilege approach really comes down to a logical decision – do you want the best of both worlds?
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.