Is it true that just 5 technical controls can help prevent most cyber attacks? What are these cyber security essentials and how do they work? Over #CyberSecurityAwarenessMonth we will explore each of the five controls in separate blog posts to find out more.
Control who can access your data and services and what level of access they have.
By creating accounts with different levels of access and privilege, you can limit the risks of accidental and malicious damage. When a new account is created, the type of account it is will determine what the user is able to do.
An administrator is someone who is in charge of the settings and controls of a computer, and someone logged into an account with administrator privileges can do pretty much anything on the computer. They can view every file on the system, including any account maintenance, billing and subscription information, change system-wide settings, run all installed programs, add new programs, install new hardware drivers and change the usernames and passwords of other user accounts.
A regular user account cannot perform administrative tasks. It is usually limited to everyday tasks such as sending emails, creating documents and conducting internet searches. If its user is able to access additional files and data, it will only be those that the administrator allows.
If you do not know what kind of account you have and do not remember choosing one, you might be using a default account. By default, the first account created in Windows and on a Mac has administrator privileges, meaning it allows you to install, modify or delete software. This level of access carries security risks because when you are logged in you can be tricked into doing things that you never intended to do, some of which can cause major problems with the computer. It’s also quite easy for an administrator to accidentally delete an important system file or change a setting that renders the PC unstable or un-bootable. If you work for a small business or for yourself, you might not realise that you are permanently logged on with an administrator account.
No one, not even home users, should use administrator accounts for everyday computer use, such as web surfing, emailing or office work. Instead, those tasks should be carried out from a standard user account. Administrator accounts should be used only to install or modify software and to change system settings. If you are using an account on your computer which has administrative rights, you should create a separate administrator account and downgrade your regular account to a standard user account, even when you’re the only person who uses the computer. (You can still perform administrative tasks by typing in the password to the admin account.)
The administrator account should only be used when a task absolutely has to be done that a standard user account is prohibited from doing. During normal use it is always best to log in to a regular user account. If more than one person will be using the same PC, each user should have their own regular, separate account. Separate accounts ensure accurate authentication and accountability and allow you to track and control who accesses the files or is able to change something in your system. Additionally, most computers come with a ‘guest’ account enabled which allows anyone to freely access your device – you should disable it. In a similar vein, if there is an account on your computer that is no longer used, be sure to delete it.
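A read-only check of a Windows PC against the points above, as an added example that is not part of the original post: it lists the local accounts and flags an enabled guest account, accounts that are direct members of the Administrators group, and accounts with no recent logon. The 90-day threshold for "no longer used" is an assumption, not a figure from this post.

```powershell
# Added example: audit local accounts on this PC. Read-only, changes nothing.
# Requires Windows PowerShell 5.1 or later (Microsoft.PowerShell.LocalAccounts module).
$StaleDays = 90   # assumption: treat an account as unused after 90 days without a logon
$cutoff    = (Get-Date).AddDays(-$StaleDays)

# S-1-5-32-544 is the well-known SID of the local Administrators group;
# using the SID works regardless of the Windows display language.
# Only direct members are listed (accounts nested in other groups are not expanded).
$adminSids = @(Get-LocalGroupMember -SID 'S-1-5-32-544' |
    ForEach-Object { $_.SID.Value })

$report = foreach ($user in Get-LocalUser) {
    $sid      = $user.SID.Value
    $findings = @()

    if ($user.Enabled) {
        # The built-in guest account always has a SID ending in -501.
        if ($sid -like '*-501') {
            $findings += 'Guest account is enabled: disable it'
        }
        if ($adminSids -contains $sid) {
            $findings += 'Administrator rights: not for everyday use'
        }
        if (-not $user.LastLogon) {
            $findings += 'Never logged on: delete if not needed'
        }
        elseif ($user.LastLogon -lt $cutoff) {
            $findings += "No logon for over $StaleDays days: delete if unused"
        }
    }

    [pscustomobject]@{
        Account   = $user.Name
        Enabled   = $user.Enabled
        LastLogon = $user.LastLogon
        Findings  = $findings -join '; '
    }
}

$report | Format-Table -AutoSize -Wrap

# Warn if the account running this script is itself an administrator account.
$me = [Security.Principal.WindowsIdentity]::GetCurrent()
if ($adminSids -contains $me.User.Value) {
    Write-Warning "$($me.Name) has administrator rights. Use a standard account for daily work."
}
```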
How can this help prevent a cyber attack?