That’s solid advice for bustin’ paranormal chops, but bad for keeping your computer safe.
Bad guys with good permissions
When your computer gets infected (or hacked, or…), the malware runs with the same permissions that you have. That means that if you have “god” permissions (admin rights) on your computer, so does any person or software that compromises your computer.
To put it bluntly, the hackers or virus will be able to do whatever they want with your computer.
So whaddya do?
The good news is that this is easy to fix:
Everyone in your organization needs to run with only the permissions they need to do their job. That includes everyone from CEO to janitor.
When you need to do something that requires admin rights, you can just enter the password and be on your way. Or, for an extra layer of security, keep the admin password secret and require a second person to approve the action and enter the password.
A permission gotcha
You may find that things don’t work quite the same way with some software once you run with lower permissions. That’s because some software coders out there still assume that everyone runs with full admin rights.
Often times, with a little tinkering, we can figure out how to make things work with fewer permissions. For the essential programs that just won’t work any other way, you can always right-click on the icon and choose “Run as Administrator.” (My *nix peeps can su or sudo, but you already knew that. 🙂 )
That’s all there is to setting appropriate permissions: Give yourself (and everyone else in your organization) just enough permissions on their computer to do their job, and no more.