A common practice for tech-heroes in a business environment is to limit the rights a tech-user has to their machine. While this may seem cumbersome to the user, it is actually a wise security practice that should be applied to home machines as well.
Unfortunately, unless tech-users understand the “why,” it typically seems like a barrier to productivity instead of a barrier against mal-intent.
What’s really happening here?
For those who are unsure, “software” is the code-word for any of the programs installed on your machine. (Versus “hardware” – or the pieces you can physically touch.)
At times, a tech-user may feel the need to install software on their machine. Maybe it’s a program they found online. Maybe it’s a program they use at home. Maybe it’s required by their department, a vendor, or they simply want to update a piece of existing software.
Most computer systems give access to software based on “user rights.” When a tech-user purchases a personal machine, the first account they create will be an “administrator account.” This is the account that allows users to install programs, change settings, and customize aspects of the entire machine. For many tech-users, this may be the account they’ve grown used to using.
A second type of account – known as a “limited user account” – limits a user’s ability to install programs and allows them to only customize their own user profile. This is the type of account I give to my users, requiring them to contact me whenever software needs to be installed.
Why is this important?
Tech-heroes need to be aware of what software is on their network and machines. It’s not because we are power-hungry, rather, it’s for your protection. For instance:
1. If software is improperly licensed (i.e. someone installs personal software on a work machine), and an organization is audited, this could shut down the organization.
2. If the software has hidden back-doors or viruses (as some free software does), this can compromise important company data and files or take down a computer or network.
3. Even if software is purchased, it sometimes has vulnerabilities or processes that may interfere with another piece of software, and that can cause issues on a computer or network.
4. Sometimes there are better options for accomplishing a task. If you work with your tech-hero, they may be able to help you find better quality software, or a cheaper option for attaining your goal.
5. If you are able to install software on your machine, so can a bad guy.
Remember: The goal of a tech-hero is not to control, but to protect. We must consider the greater good at all times – even if it means more work for us.