Windows Administrator rights give an account many abilities, including the ability to install software, modify settings, modify logs, and create and delete user accounts. If an account with administrator rights falls into the hands of a malicious actor, they are in control of your system.
Revoking Administrator Rights
You will always need an account with administrator rights on your machine; otherwise you will not be able to install software and make other important changes. With that being said, you don’t need every account on your computer to have admin rights. Keep one account with admin rights and use a separate unprivileged account for everyday work on your PC. If you somehow get malware on your PC while using the unprivileged account, the amount of damage it can cause is limited, because that account can’t do anything of significance on your PC, unlike an admin account.
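The revocation step described above, as an added PowerShell example that is not part of the original article: it lists every member of the local Administrators group, compares them against an approved list, and removes any account that is not on it. The approved account names are a constructed placeholder for this example, and the script refuses to run if the account executing it is not on the list, so you cannot lock yourself out. It uses the built-in Microsoft.PowerShell.LocalAccounts cmdlets (Windows PowerShell 5.1 and later) and must run from an elevated prompt.

```powershell
# Added example, not from the original article. Run from an elevated PowerShell prompt.
# $Approved is a constructed placeholder: replace it with the one or two accounts that
# have a justified need for admin rights (domain groups such as DOMAIN\Domain Admins
# belong here too, or they will be treated as unapproved).
$Approved = @("$env:COMPUTERNAME\Administrator", "$env:COMPUTERNAME\itadmin")

# Safety check: the account running this script must itself be approved,
# otherwise we would strip our own admin rights part-way through.
$Me = "$env:USERDOMAIN\$env:USERNAME"
if ($Approved -notcontains $Me) {
    throw "Current account $Me is not on the approved list; add it before running."
}

# S-1-5-32-544 is the well-known SID of the built-in Administrators group,
# so this works regardless of the group's display name or system language.
$AdminGroupSid = 'S-1-5-32-544'
$Members = Get-LocalGroupMember -SID $AdminGroupSid

# Anything in the group that is not on the approved list loses its membership.
$Unapproved = $Members | Where-Object { $Approved -notcontains $_.Name }

if (-not $Unapproved) {
    Write-Host "Only approved accounts hold admin rights on $env:COMPUTERNAME."
    return
}

foreach ($m in $Unapproved) {
    Write-Host ("Revoking admin rights: {0} ({1}, source: {2})" -f $m.Name, $m.ObjectClass, $m.PrincipalSource)
    # -WhatIf previews the change without applying it; remove the switch to actually revoke.
    Remove-LocalGroupMember -SID $AdminGroupSid -Member $m -WhatIf
}

# Report what is left so the result can be checked (and kept as evidence).
Get-LocalGroupMember -SID $AdminGroupSid | Select-Object Name, ObjectClass, PrincipalSource
```

Run it first with `-WhatIf` in place to see which accounts would be removed, then remove the switch. The accounts that lose membership are not deleted; they simply become the unprivileged accounts the section recommends for day-to-day use.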
Cybersecurity Maturity Model Certification (CMMC) Requirements and Admin Rights
Companies with CMMC level two or higher certification requirements will need to enforce the “principle of least privilege”. As a result, they will need to revoke admin rights from accounts that do not have a justified business need. This reserves admin rights for accounts used by your system administrators and others with an authorized operational need. Companies will also have to use separate non-privileged and privileged accounts. You cannot allow a system administrator to use their admin account when they are performing non-system-admin or security functions. You also need to log the execution of privileged functions so that you have a record of the actions your admin accounts have taken. If you would like more information on your Cybersecurity Maturity Model Certification (CMMC) related requirements, reach out to us at info@lakeridge.io.
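The logging requirement above (a record of privileged function execution and of changes to admin group membership), as an added PowerShell example that is not part of the original article. It enables the two Windows audit subcategories that produce those records on a single machine and then pulls the resulting Security log events from the last 24 hours; the 24-hour window is an arbitrary choice for the example. In a domain you would set the same subcategories through Group Policy (Advanced Audit Policy Configuration) and forward the Security log to a central collector rather than reading it locally.

```powershell
# Added example, not from the original article. Run from an elevated PowerShell prompt.

# Enable success and failure auditing for privileged operations (use of rights such as
# SeDebugPrivilege or SeBackupPrivilege) and for membership changes to security groups.
auditpol /set /subcategory:"Sensitive Privilege Use" /success:enable /failure:enable
auditpol /set /subcategory:"Security Group Management" /success:enable /failure:enable

# Confirm the settings took effect before relying on them.
auditpol /get /subcategory:"Sensitive Privilege Use"
auditpol /get /subcategory:"Security Group Management"

# Event IDs these subcategories write to the Security log:
#   4672  special privileges assigned to a new logon (an admin account signed in)
#   4673  a privileged service was called
#   4674  an operation was attempted on a privileged object
#   4732  a member was added to a security-enabled local group
#   4733  a member was removed from a security-enabled local group
$PrivilegedEventIds = 4672, 4673, 4674, 4732, 4733
$Since = (Get-Date).AddDays(-1)   # constructed window for the example

# Get-WinEvent throws if nothing matches, so suppress that and treat it as "no events".
$Events = Get-WinEvent -FilterHashtable @{
    LogName   = 'Security'
    Id        = $PrivilegedEventIds
    StartTime = $Since
} -ErrorAction SilentlyContinue

if (-not $Events) {
    Write-Host "No privileged-use or group-change events since $Since."
    return
}

# The first line of each message is a human-readable summary ("A privileged service was called.").
$Events |
    Select-Object TimeCreated, Id,
        @{ Name = 'Summary'; Expression = { ($_.Message -split "`n")[0].Trim() } } |
    Sort-Object TimeCreated -Descending |
    Format-Table -AutoSize
```

Two caveats a practitioner should plan for: event 4672 is written on every administrator logon, and 4673/4674 can be very noisy on a busy system, so size log retention (or your forwarding pipeline) accordingly, and review 4732/4733 specifically, since an unexpected addition to Administrators is exactly the change the revocation step above is meant to prevent.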
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance, we have the expertise and solution for you.
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.