Protect Your Computer by Using a Safer, "Least Privilege" Account for Day to Day Use
When Windows is installed, it creates an account for you to use when you log in. Typically,
that account is created with "administrative" privileges. Those privileges allow
you, and any program you run, full access to your entire computer. While
that may sound good, it represents unnecessary risk. Very few people need full access
to their computer for day to day use. Having such access while doing things like
browsing the web or reading e-mail means that if you, or someone using your computer,
accidentally clicks something malicious, it will have full access to your
computer, your data, and the online accounts used from your computer. It will have
access to everything you type, including passwords, credit card numbers, and
documents. It will also have the capability to turn off your anti-virus
software, security updates, firewalls, and other security software. Finally, it
can hide itself so you can't see what it's doing.
Most people don't need to do, on a daily basis, the kinds of things that malicious programs do to cause their damage. So
risk can be greatly reduced with relatively little adverse impact if a lower
privilege account is used day to day. Doing so follows some of the oldest and
most basic security principles in the book - the principles of least privilege
and default deny. In this case, that means using the least privilege necessary for day
to day use and denying privileges by default. This will keep malicious programs
that may be run due to operator mistake or product defect from doing extensive damage to the
computer.
This practice is particularly recommended for shared or unattended computers
and those used by children. Home computers are much less protected than campus
computers.
Most computer operators will have few or no problems using this type of
account once it is set up. And if problems are experienced, they can always
use the riskier account temporarily to accomplish infrequent activities.
Macintosh computers, a form of Unix computer, have for some time shipped with the
Unix root account not easily available. However, the default account
(administrator) does carry more privileges
than typically necessary for day to day use. Most other Unix and Linux systems
don't have tiered privilege accounts and encourage the creation and use of non-root accounts during their installation process. Windows
computers, the most often targeted and most common, set up a fully privileged
account by default, leaving them the most vulnerable.
- Windows Instructions (Before converting your Windows computer, it is very important that you set it up according to StartSafe recommendations. One of the StartSafe steps will have you set up your computer for automated security updates and installations. This is necessary because only administrative accounts get notified of new updates.)
- Macintosh Instructions
- Unix/Linux Instructions
- Don't use the root account for day to day activities
Some minor difficulties may be encountered:
- Software and hardware installations often require extra privileges (as do
most virus installations!). These can easily be handled by logging out of the
day to day account and logging back in as the administrator account. Really, how
often do you install software and hardware? For most people, the cost of the infrequent
inconvenience is well worth the benefit of extra protection in day to day use.
- Manually installing Windows Updates will need to be performed using an
Administrator account, but if automatic updates are turned on as recommended by
StartSafe, this won't be an
issue.
- A few software packages, not many, won't run under an account with limited
privileges. This can usually be handled by using the Windows RUNAS utility. You
basically tell Windows to run that one troublesome program with administrator
privileges while your more risky programs (e.g. web, email, and IM clients)
continue to run under the safer account. This can be done by right-clicking a
program icon and selecting "run as", or by modifying a program icon so it prompts
for credentials each time it starts.
- Do not use a Windows Power User account as it provides little or no
protection. You may as well be using the administrator account.
- If Windows control panels, administrative tools, printer installations, or
date/time changes need to be accessed, the most straightforward way is to log out
of the daily account and log in temporarily using the Administrator account.
However, a quick way of accomplishing many of those tasks exists. Right-click
the Internet Explorer icon and select run-as using the Administrator account.
Then, from the Internet Explorer menu, select File->Desktop->Explore and open
'My Computer'. You can then accomplish many system administrative tasks by using the control panels. You can also use this trick to install necessary ActiveX
controls from trusted web sites. Whatever you do, though, don't
use such an Internet Explorer instance for day to day web browsing. When
you're done performing your system tasks, close out the browser completely and
start fresh without using 'run-as'.
- JMU owned computers should not have their configurations changed without
consultation with your local desktop management and support folks.
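The account setup and the RUNAS approach described in the list above, as an added PowerShell example that is not part of the original page. It assumes a limited account named "daily" and the built-in "Administrator" account; both names are placeholders, and the script must be run once from an administrative session.

```powershell
# Added example (not from the original page): create a limited "least privilege"
# account for daily use and check it holds no administrative group membership.
# Assumptions: the new account is called "daily" (placeholder) and the privileged
# account is the built-in "Administrator". Run once from an administrator session.

$DailyUser = 'daily'

# Refuse to continue unless the current token is administrative; the "net"
# commands below need that to create accounts and edit group membership.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw "Log in as an administrator before running this script."
}

# "net user /add" creates the account (the * prompts for a password) and places
# it in the plain Users group by default. Removing it from Administrators and
# Power Users is done anyway, because Power Users offers almost no protection.
net user $DailyUser * /add
net localgroup Administrators $DailyUser /delete 2>$null
net localgroup "Power Users"  $DailyUser /delete 2>$null

# Verify: "net localgroup <group>" prints each member on its own line, so the
# account name must not appear in either privileged group's output.
foreach ($group in 'Administrators', 'Power Users') {
    $members = net localgroup $group
    if ($members -contains $DailyUser) {
        throw "$DailyUser is still a member of $group; the account is not limited."
    }
}
Write-Host "$DailyUser is a limited account. Log in as $DailyUser for day to day use."

# Later, from the limited account, run one trusted program (here the Control
# Panel) with administrator rights while browser and e-mail keep running as
# the limited user. The password prompt is shown on the console.
#   runas /user:$env:COMPUTERNAME\Administrator "control.exe"
```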
Two web sites with more information about this common sense, low risk
configuration are: