Microsoft Debates Reducing its Own Employees' PC Access

 
 
By Deborah Rothberg  |  Posted 2006-05-24
 
 
 
News spread quickly that the director of Microsoft's internal security told a reporter at the AusCERT conference May 23 that Microsoft is considering limiting employees' full admin rights to their desktop PCs.

Microsoft has always given the majority of its employees full admin rights on their desktop PCs, though this is unusual; most companies' IT departments limit access in order to more easily manage the workstations under their jurisdiction.

"We're looking at what sort of permissions you have when doing certain things on computers," a Microsoft spokesperson told eWEEK. "You don't need full permissions to use the Web or to check your Hotmail."

The access standard the company is considering for its employees is related to one Microsoft is already planning to apply to its customers.

For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internet's Security IT Hub.

Expected to come as a built-in security advance in Vista, a feature called UAC (User Account Control) ensures that dangerous software cannot be involuntarily installed onto a system when a user runs the computer under a lesser privileged account.

"User Account Control makes it possible for organizations to deploy a more manageable and secure desktop in which end users can run as standard users (not administrators) and still be productive. The reality is most end users won't notice a difference when doing everyday tasks," a Microsoft spokesperson told eWEEK.

Read the full story on eWEEK.com: Microsoft Debates Reducing Employee Admin Rights