Re: Restricting PC Admin Rights

[WALTER KERNER <walter_kerner () FITNYC EDU>]

Hi Jim.  We are in the process of restricting admin rights.  I can’t find
the exact numbers, but we saw very clearly that the number of virus
instances for people who still have admin rights is much higher than those
who don’t.  We also use a product called Avecto (Just acquired by Bomgar).
It lets you delegate certain admin functions to users (change time zone,
attach a printer, install authorized programs, etc.) without giving them
the full admin rights.







Walter Kerner

Assistant Vice-President and CISO

[image: blue]

333 7th Avenue, 13th Floor

New York, NY 10001

Voice: 212-217-3415



*From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Pardonek, Jim
*Sent:* Monday, August 13, 2018 11:06 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* [SECURITY] Restricting PC Admin Rights



Not sure if there is somewhere else I can get this info, I’m sure it’s been
asked before, but I am checking to see how many of your institutions
restrict admin rights.  We are putting a proposal together to leadership to
do exactly that as we have had a number of folks fall for scams that
involve the installation of software on their PCs.



Thanks,





*James Pardonek, MS, CISSP, CEH, GSNA*

*Information Security Officer*


*Loyola University Chicago 1032 W. Sheridan Road | Chicago, IL  60660*
*(**: (773) 508-6086*



*Loyola University Chicago will never ask you for your username or
password.*

*For the lastest information security news at Loyola, please follow us
online,*

*Twitter: @LUCUISO*

*Facebook: https://www.facebook.com/lucuiso/
<https://www.facebook.com/lucuiso/>*

*Our Blog http://blogs.luc.edu/uiso/ <http://blogs.luc.edu/uiso/>*