The next question you need to ask your IT Professionals is: “Do you have to reduce security in order for all of our programs to work properly?”
Last time’s message recommended that you ask your IT professionals to restrict users from being “administrators” on their computers: IT May Have Your Users Misconfigured!.
When you ask your IT professionals if any users are configured as administrators on their machines, a common explanation from IT to an executive is: “Yes, some users are administrators because some of our software manufacturers require users to be local administrators.”
This problem stems from the fact that you’ve likely tasked IT with keeping your systems up and running, and that includes configuring applications and systems the way manufacturers dictate.
IT professionals follow directions. They may do what the manufacturers tell them to do.
In case you wonder, the directives from the manufacturers to IT professionals are rarely issued as guidelines. They are closer to being commandments. Empower your IT Professionals to deviate from instructions from application vendors when the directions are suspect.
What if a software manufacturer instructs you to remove your network’s firewall? Of course you’d resist. Providing users with administrative access isn’t quite as bad as turning off your firewall, but it is closer than you think.
Your directive to your IT Professional needs to be: “Find out what permissions and rights that software needs, grant those rights, and make the users standard users, not administrators.” Your IT Professional is very qualified already and can do this.
Manufacturers who do mandate “give everyone rights to everything” are often warding off support calls about security permission errors.
Don’t let the poor choices made by software manufacturers harm your network security.
But, your IT person may wonder how on earth they are going to have time for this proactive task since they are putting out so many fires at the moment. That’s when you need to have a discussion about priorities. More on that next time.
Please forward this to your friends and post your comments below…