Re: Administrative v/s power user Access for Staff and students

[Kevin Shalla <kshalla () UIC EDU>]

The local departments control the access level.  Some give
Administrator, others give User.  I've set up my office to use
User.  The good thing about this is that since I've been doing this
(cross my fingers), I haven't had to re-image a machine - if I cannot
remove malware, I can simply save some known useful files, delete the
offending profile, create a new profile and reload the files.  I get
a few more calls now to update software, but I'm happy to oblige,
given the reduction in successful malware attacks.

At 01:31 PM 3/6/2009, Anand S Malwade wrote:
> I was wondering what other universities are doing in limiting
> administrative access on Desktops and laptops for Staff ?
> The rationale being as we know that enterprise workstations run as
> administrator also makes the network vulnerable to malware including
> viruses, Trojan horses, spyware, adware and unintentional user
> damage. Malware can exploit a local administrator account's
> system-level access to damage files, change system configurations,
> and even transmit confidential data outside of the network. Ensuring
> that all users run as standard users is the primary way to help
> mitigate the impact.
> Has anyone tried giving Power User level access as opposed to full
> admin rights and if yes what was the overall experience ?