The least privilege principle can certainly help in preventing a full blown cyber attack. Even just a minimal control like this can prevent the absolute worst from happening.

Your log-in to your computer allows you certain privileges on your computer. Your log-in credentials regulate what files you can open and what programs you can install or run. By default, a new computer usually has your first log-in as an administrator and unless you change it, it stays that way.

If a hacker has access or breaks into to your computer with administrator access, they can do anything to your computer systems, even your computer network. If they or their software breaks into your account in use and it’s not an administrator account (for example, you’re using a ‘standard’ user’s account), then they generally can’t do as much damage, if not very little to no damage.

Really, the only time you would want to log-in as an administrator would be to install new applications, programs, or even some new pieces of non-storage hardware.

Secure your Work & Home Computers Risk Assessment

Do not use a full fledged administrator account if you’re using your computer systems! Non-administrator accounts such as “standard user’s” won’t have full access to a system that an administrator account has, and thus some attacks may not work. An attacker or attackers method may run into software roadblocks that may not let them take full control of a machine.

least privilege principle
Lower your “attack surface” for cyber attackers by using the least privilege necessary for work on the account you use.

Keep in mind however, this is not a silver-bullet substitute for other security controls that prevent cyber attacks! In fact, just using this alone as a single security prevention method is not good. Use the principle of “Defense in Depth” and have this security control along with many other free security controls that you can find on our website.

Are you using the least privilege principle?

Here’s how to find and change any accounts that are administrator accounts to something that has less privileges, like a ‘Standard User’:

Save time & money in fixing and managing many small business cyber security issues with our step-by-step cyber security management software. Your business will be more resiliant to cyber attacks and your customers would take notice.



Comments and questions below are viewable and open to members only.