Applying the Principle of Least Privilege Across the Enterprise

When users login to their computers with local administrator privileges, they greatly increase the risk of security breaches by viruses, malware and malicious users. By removing administrative privileges and implementing the security best practice of Least Privilege, these threats can be avoided and network security increased. However, when managing a least privilege computing environment systems must not only be locked down, but also still allow end users to perform all necessary tasks for their jobs. This paper presents several least privilege implementation options.