Whether you log into your computer at work, or perhaps don't at home, the type of account access you have isn't just about having a different background or access to different files. It can also provide some level of protection against cyber attack, making it more difficult for cyber criminals to get access to or change your data.
In the sixth blog from our Cyber Security Partners at IASME, they explain the different account types and why it's important to get your computer access under control.
Knowing who has access to what
Not everybody has a computer to themselves, so when people share the same computer, they usually have separate user accounts (or logins). This allows for customisation of design, settings and apps. It also gives some privacy to users' files and ensures accurate authentication and accountability. How else can you track and control who accesses the files or is able to change something in your system?
When a new user account is created, the type of account determines what the user is able to do.
Administrators can do everything; users cannot
An administrator is someone who is in charge of the settings and controls of a computer, and someone logged into an account with administrator privileges can do pretty much anything on that computer. They can view every file on the system, including any account maintenance, billing and subscriptions, change system-wide settings, run all installed programs, add new programs, install new hardware drivers and change the usernames and passwords of other user accounts.
A regular user cannot perform administrative tasks. They are usually limited to everyday tasks such as sending emails, creating documents and conducting internet searches. If they are able to access additional files and data, it will only be those that the administrator allows.
Using a regular user account when you are on your computer helps keep your system more secure. Let's say you accidentally click on a malicious link or open a dodgy file attachment. Malware (software designed to do harm) might automatically try to download, but because the malware would have only the same privileges as the account you are logged in as, the malware download would automatically require an administrator password. This would alert you to the fact that software was trying to download and you would be able to deny it.
By default, user accounts in Windows have administrator privileges, meaning they allow you to install, modify or delete software. If you are the only person that uses your computer, you might not realise this and be working from an administrator account all the time. This level of access carries security risks because you have the ability to do things that you never really intended to do, some of which can cause major problems with the computer. It's quite easy for an administrator to accidentally delete an important system file or change a setting that renders the PC unstable or unbootable.
No one, not even home users, should use administrator accounts for everyday computer use, such as web surfing, emailing or office work. Instead, those tasks should be carried out from a standard user account. Administrator accounts should be used only to install or modify software and to change system settings. If you're a Windows user who has administrative rights, you should create a separate administrator account and downgrade your regular account to a standard user account. (You can still perform administrative tasks by typing in the password to the admin account.)
Additionally, most computers come with a 'guest' account enabled which allows anyone to freely access your device – you should disable it. In a similar vein, if there is an account on your computer that is no longer used, be sure to delete it.
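The checks described above can be scripted. The following PowerShell is an added example, not part of the IASME article: it reports which enabled local accounts are administrators, whether the Guest account is enabled and which accounts look unused. The 90-day threshold and the account names 'LocalAdmin', 'alice' and 'olduser' are assumptions.

```powershell
# Added example: read-only audit of local accounts (Windows PowerShell 5.1 or later).
# Assumption: an account with no logon in 90 days counts as "no longer used".
$StaleAfterDays = 90

# Well-known SID of the built-in Administrators group (the name can be localised).
$adminGroupSid = 'S-1-5-32-544'
$adminSids = (Get-LocalGroupMember -SID $adminGroupSid).SID.Value

# 1. Is the account you are logged in as a direct member of Administrators?
#    (Membership inherited through a nested domain group is not detected here.)
$me = [Security.Principal.WindowsIdentity]::GetCurrent()
$iAmAdmin = $adminSids -contains $me.User.Value

# 2. Every enabled local account, flagged if it is an admin, the Guest account, or stale.
$cutoff = (Get-Date).AddDays(-$StaleAfterDays)
$report = Get-LocalUser | Where-Object Enabled | ForEach-Object {
    [pscustomobject]@{
        Name      = $_.Name
        IsAdmin   = $adminSids -contains $_.SID.Value
        IsGuest   = $_.SID.Value -like 'S-1-5-21-*-501'   # built-in Guest ends in RID 501
        LastLogon = $_.LastLogon
        Stale     = (-not $_.LastLogon) -or ($_.LastLogon -lt $cutoff)
    }
}

"Logged in as {0}; member of Administrators: {1}" -f $me.Name, $iAmAdmin
$report | Sort-Object IsAdmin -Descending | Format-Table -AutoSize

# The changes the article recommends, to be run from an elevated prompt once the
# report has been reviewed. All account names below are placeholders.
# New-LocalUser -Name 'LocalAdmin' -Password (Read-Host -AsSecureString 'New admin password')
# Add-LocalGroupMember    -SID $adminGroupSid -Member 'LocalAdmin'
# Remove-LocalGroupMember -SID $adminGroupSid -Member 'alice'      # downgrade everyday account
# Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-501' } | Disable-LocalUser
# Remove-LocalUser -Name 'olduser'                                 # account no longer used
```

Create and test the separate administrator account before removing your everyday account from the Administrators group, so the machine is never left without a working admin login.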
As more of our information and activities go online, cyber security has become a necessary part of life that keeps us safe from crime. Just like learning anything new, it can be broken down into small steps and implemented in bite-sized chunks. Businesses of all sizes are at particular risk of cyber crime and would benefit from working towards Cyber Essentials, which is a Government-approved scheme. By implementing just five core controls that protect against most cyber attacks, businesses can ensure they are on the right track as well as demonstrate to their customers and suppliers that they are serious about cyber security.
Find out more about the IASME Cyber Essentials scheme.
Thank you IASME team for the insight. This blog was published on Friday 26th March and is duplicated with permission from IASME. Original publication located at https://iasme.co.uk/cyber-blog/user-and-admin-accounts-control-the-access-to-your-computer/.
- Having a separate administrator account on your computer can protect your machine from being an entry point to your network for cyber criminals.
- Do you know if your everyday login account has admin rights? For everyday use, have a separate user-defined access profile.
- If you don't know who has access to what data and systems in your business, speak to Concise about changing that.
- Cyber Essentials Certification goes a long way to getting this control in place for your business. Speak to Concise today about Cyber Essentials Certification.
IASME are a chosen partner of the National Cyber Security Centre (NCSC) and are responsible for Cyber Essentials Certification delivery in the UK. Learn more about IASME.