When people share the same computer, they usually have separate user accounts. This allows for customisation of design and settings and apps, it also gives some privacy to users files as well as ensures accurate authentication and accountability. How else can you track and control who accesses the files or is able to change something in your system? When a new user account is created, the type of account determines what the user is able to do.
An administrator is someone who is in charge of the settings and controls of a computer, and someone logged into an account with administrator privileges can do pretty much anything on the computer. They can view every file on the system, including any account maintenance, billing and subscriptions, change system-wide system settings, run all installed programs, add new programs, install new hardware drivers and change the usernames and passwords of other user-accounts.
A regular user cannot perform administrative tasks, they are usually limited to everyday tasks such as sending emails, creating documents and conducting internet searches. If they are able to access additional files and data, it will only be those that the administrator allows.
Using a regular user account when you are on your computer helps keep your system more secure. Let’s say you accidentally click on a malicious link or open a dodgy file attachment, malware (which is software designed to do harm) might automatically try to download, but as the malware would have the same privileges as the account you are logged in as, the malware download would automatically require an administrator password. This would alert you to the fact that software was trying to download and you would be able to deny it.
By default, user accounts in Windows have administrator privileges, meaning they allow you to install, modify or delete software. If you are the only person that uses your computer, you might not realise this and be working from an administrator account all the time. This level of access carries security risks, as unfortunately, you have the ability to do things that you never really intended to do, some of which can cause major problems with the computer. It’s quite easy for an administrator to accidentally delete an important system file or change a setting that renders the PC unstable or un-bootable.
No one, not even home users, should use administrator accounts for everyday computer use, such as web surfing, emailing or office work. Instead, those tasks should be carried out by a standard user account. Administrator accounts should be used only to install or modify software and to change system settings. If you’re a Windows user who has administrative rights, you should create a separate administrator account, and downgrade your regular account to standard-user account. (You can still perform administrative tasks by typing in the password to the admin account.)
Additionally, most computers come with a ‘guest’ account enabled which allows anyone to freely access your device – you should disable it. In a similar vein, if there is an account on your computer that is no longer used, be sure to delete it.
As more of our information and activities go online, cyber security has become a necessary part of life that keeps us safe from crime. Just like learning anything new, it can be broken down into small steps and implemented in bite sized chunks. Businesses of all sizes are at particular risk of cyber crime and would benefit from working towards Cyber Essentials which is a Government approved scheme. By implementing just five core controls that protect against most cyber attacks, businesses can ensure they are on the right track as well as demonstrating to their customers and suppliers that they are serious about cyber security. Click here to find out more about the Cyber Essentials scheme.