Right now, there’s a lot of talk about configuring workstations so that users don’t have administrator access. How much safer does restricting administrator access really make you?
You’re right, a lot of attention is being given to restricting administrator authority on workstations and a lot of hype surrounds Windows Vista’s improved handling of administrator authority. Restricting administrator access on PCs helps prevent users from installing unauthorized or unlicensed software and helps reduce the impact of malware inadvertently executed by the user. It obviously doesn’t do anything to protect the resources that users have access to on their local computer or elsewhere on the network. Malware that executes under the authority of the user can access any information or resources to which the user has permissions whether or not the user is an administrator of his or her local computer.
Are you safer when users don’t run as an administrator? Yes. How much safer? Not as much as you might think. Restricting administrator access is only one piece of the puzzle. You also must implement malware defenses such as antivirus tools, patching, and training.