When a new user account is created, the type of account determines what the user is able to do. This article outlines access control basics and helps you to navigate through the different aspects of identity management.
An administrator is someone who is in charge of the settings and controls of a computer, and someone logged into an account with administrator privileges can do pretty much anything on the computer. They can view every file on the system, including any account maintenance, billing and subscriptions, change system-wide system settings, run all installed programs, add new programs, install new hardware drivers and change the usernames and passwords of other user accounts.
Regular users cannot perform administrative tasks, they are usually limited to everyday tasks such as sending emails, creating documents and conducting internet searches. If they are able to access additional files and data, it will only be those that the administrator allows.
Using a regular user account when you are on your computer helps keep your system more secure. Let’s say you accidentally click on a malicious link or open a dodgy file attachment, malware (which is software designed to do harm) might automatically try to download, but as the malware would have the same privileges as the account you are logged in with, the malware download would automatically require an administrator password. This would alert you to the fact that software was trying to download and you would be able to deny it.
By default, user accounts in Windows have administrator privileges, meaning they allow you to install, modify or delete software. If you are the only person that uses your computer, you might not realise this and be working from an administrator account all the time.
This level of access carries security risks, as unfortunately, you have the ability to do things that you never really intended to do, some of which can cause major problems with the computer. It’s quite easy for an administrator to accidentally delete an important system file or change a setting that renders the PC unstable or un-bootable.
No one, not even home users, should use administrator accounts for everyday computer use, such as web surfing, emailing or office work. Instead, those tasks should be carried out by a standard user account. Administrator accounts should be used only to install or modify software and to change system settings.
If you’re a Windows user who has administrative rights, you should create a separate administrator account, and downgrade your regular account to a standard user account. (You can still perform administrative tasks by typing in the password to the admin account.)
Additionally, most computers come with a ‘guest’ account enabled which allows anyone to freely access your device – you should disable it. In a similar vein, if there is an account on your computer that is no longer used, be sure to delete it.
Neutralise Threats for Peace of Mind
As more of our information and activities go online, cyber security has become a necessary part of life that keeps us safe from crime. Just like learning anything new, it can be broken down into small steps and implemented in bite-sized chunks.
Businesses of all sizes are at particular risk of cybercrime and would benefit from working towards Cyber Essentials which is a Government approved scheme. By implementing just five core controls that protect against most cyberattacks, businesses can ensure they are on the right track as well as demonstrate to their customers and suppliers that they are serious about cyber security.
As a Cyber Essentials Assessor, we are always happy to support your ambitions to become certified and want you to benefit from additional security and much more such as
✅ Becoming eligible to apply for Government tenders
✅ Reducing insurance premiums
✅ Avoiding GDPR fines
✅ Establish trust with suppliers and customers
And it’s not only about your business but the wider community. Every successful hack funds the cybercriminals and allows them to purchase more hardware and other tools to carry on their despicable profession.
So, if you want to take your business to the next level, give us a call or book a 15-minute video call at a time that suits you. There’s no obligation to buy anything, ever. During this quick chat, however, we can discuss what a Cyber Essentials certification would bring to your business and the process behind it.
Here's our live calendar!
Questions: [email protected]