Get this blog as an RSS Feed

Cybercriminals Do Not Need Administrative Users

13:15 CET, 11th April 2011 By Stefan Frei.

For years the software industry has promoted reduced privileges for user accounts as a key security best practice to prevent misuse and successful exploitation of end-point systems. Unfortunately, user accounts with reduced privileges do not provide protection from attack, misuse, or compromise.

Reduced privileges for end-users can only be regarded as one part of an effective security strategy that should not be solely relied on. Organisations should know the limitations of this approach to prevent them from getting a false sense of security and under-investing in complementary security layers.

The new Secunia Whitepaper "Cybercriminals Do Not Need Administrative Users", discusses the limitations of security by denying users administrative access to their systems, and highlights how cybercriminals can achieve their goals without administrative access.

The whitepaper can be downloaded here.
 
Stay Secure,

Stefan Frei
Research Analyst Director

Discuss this blog entry
A new thread in our forum is created. Activate the thread by commenting/discussing below.

Subject: Cybercriminals Do Not Need Administrative Users

No posts yet
You must be logged in to post a comment.