Skip to main content

Fed up of finding malware/unwanted programs on your machines? Remove local admin rights to up your security

People are the biggest security to risk to your systems. The vast majority of malware, viruses and drive-by downloads will be installed as a result of users; this could be by clicking a link in a phishing email, to visiting a dodgy site, to installing their own software. However, there is a simple solution to this kind of issue which will stop the majority of malicious/unwanted software in its tracks - removing local admin rights.

Local admin rights are the administrative permissions that a user has on their device. Users will often be able to install anything they want on their devices at work - whether it's relevant to their work or not. Whereas bigger businesses often remove local admin rights as default, it's not something that SMEs tend to think about. However, removing local admin rights is a really useful way of controlling what is installed and changed on devices within your business.

'With local admin rights, anything you click on can install automatically,' says IT support technician Kirk Conway. 'If the user isn't IT savvy, they could accidentally install malicious software - and it only takes a single click.'

Once malicious software has infected a single device, it can spread to every other device connected to the same network - so a single dodgy link can lead to a whole load of trouble for businesses.

'As a manager, if you remove local admin rights, your colleagues would then receive a login box each time they tried to install or remove something on their device.' says Kirk. 'You can then login with your administrative details to authorise the installation or prevent it. You're actively consenting to everything installed on your employees' devices.'

Removing local admin rights provides an extra layer of security to your systems. If your employees are receiving the prompt for administrative details when they haven't attempted to install anything, that's a good sign that some malicious software is trying to run on the machine. In that instance, you can choose not to authorise the download, and the virus is unable to run.

'It doesn't stop you downloading stuff, or acquiring the files, it's purely that you can't open or install new software,' says Kirk. 'Removing local admin rights is a very basic way of protecting your users from themselves.'

However, removing these rights does have a downside. As a user, if you're working remotely and you need to install an update on your machine, you can't without the details from the administrator. This could ultimately decrease security or even render the device unusable. Users would have to get in touch with their administrator or their IT team, who could then connect your computer to the network.

'It does make installing software or updating your printer slightly more complicated,' says Kirk. 'It could stop your USB drive from being plugged into your device, for example. It's not going to suit every business - you have to balance the need for security and ease of access.'

'But it's not just beneficial from a security perspective. It stops any unauthorised software being installed, downloads, games, programs, everything that you don't want your employees to be using their work devices for. And it stops users accidentally deleting very important programs and processes.'

So should businesses remove these rights? Kirk wouldn't recommend doing it immediately, 'It's not a difficult thing to put in place, but I'd recommend having a chat with your IT support team first - give us a call, rather than trying to implement it yourself. We can assess the pros and cons, how it would work and the impact it would have on their business.'

To chat to us about local admin rights, give us a call on 0191 482 0444

 


The Transcendit Way

Transcendit understand that when you choose to work with us, whether we're taking care of your IT, app or web development, you're trusting us with part of your business. So whether we're looking after your computers, phone systems or servers we always do things 'the Transcendit way'.

The whole of our team adhere to the same values, beliefs and policies - the principles that were written when Transcendit first formed in 2000. Whether you come to us for cloud services or recovery backup you can be confident that you'll always receive the same excellent service.

The Transcendit way outlines how we do business; following the same straightforward principles with every client and customer, regardless of how big or small they may be.

That means we get to know you and your business. We offer you a friendly, professional and efficient service, and we'll always be honest with you.
We understand that not everybody speaks fluent IT, so we try to explain things in a way that is simple and clear. We always spend as much time as is necessary explaining things to you.
If you need to talk to us about something, no matter how insignificant, we are only ever a phone call away – and we’re never too busy to make you a cup of tea and have a sit down with you in person.
We understand how frustrating it can be when things are late. When we schedule an appointment with you, we are there when you’re expecting us. If something prevents us from getting there, we always call you in advance to let you know.
Sometimes things can go wrong, but we never lie to you or try to cover something up. If things go askew we tell you what’s happened and how we plan to prevent it affecting your business.
We want you to continuously benefit from working with us. We regularly discuss your business and make suggestions for improving systems and processes wherever we can – but we never try to push you into a purchase.
When we quote a fixed price, that's always the amount we charge – you won’t find any nasty surprises on a bill from us. If you are paying by time and materials, we inform you if our approximations could change.
We understand the importance of privacy for your business and your customers. We respect the confidentiality of your data, and we will never pass on your information to third parties.
We appreciate it when you take the time to give us feedback. A system called CustomerSure records our client's responses, so you can trust that our reviews are from real people.
Find out what they're saying here.
Your team have been superb! Quick to respond. No hassle. They just get on with the job. After a well-planned and executed Microsoft 365 migration I have been firing out emails as teething problems have arisen and they have turned the requests around pronto. Not to mention being carried out in a friendly yet professional manner. Just amazing performance! Rosie Malcolm-MacEwan

Based on 12075 reviews our customers rate us 9.8/10. Reviews and ratings by Customersure. 09-October-2024

Transcendit are proud sponsors of CHUF, the Children's Heart Unit Fund.

Transcendit is a Living Wage employer
Transcendit is a Microsoft Gold certified partner
VMWARE partner
Vipre partner
IPCortex partner
WithSecure partner
DELL partner
Barracuda partner
Veeam partner
N-Able partner