The least privilege principle can certainly help in preventing a full blown cyber attack. Even just a minimal control like this can prevent the absolute worst from happening.
Your log-in to your computer allows you certain privileges on your computer. Your log-in credentials regulate what files you can open and what programs you can install or run. By default, a new computer usually has your first log-in as an administrator and unless you change it, it stays that way.
If a hacker has access or breaks into to your computer with administrator access, they can do anything to your computer systems, even your computer network. If they or their software breaks into your account in use and it’s not an administrator account (for example, you’re using a ‘standard’ user’s account), then they generally can’t do as much damage, if not very little to no damage.
Really, the only time you would want to log-in as an administrator would be to install new applications, programs, or even some new pieces of non-storage hardware.Secure your Work & Home Computers Risk Assessment
Do not use a full fledged administrator account if you’re using your computer systems! Non-administrator accounts such as “standard user’s” won’t have full access to a system that an administrator account has, and thus some attacks may not work. An attacker or attackers method may run into software roadblocks that may not let them take full control of a machine.
Keep in mind however, this is not a silver-bullet substitute for other security controls that prevent cyber attacks! In fact, just using this alone as a single security prevention method is not good. Use the principle of “Defense in Depth” and have this security control along with many other free security controls that you can find on our website.
Are you using the least privilege principle?
Here’s how to find and change any accounts that are administrator accounts to something that has less privileges, like a ‘Standard User’:
Comments and questions below are viewable and open to members only.