Using Limited User Accounts to Keep your Computer Secure

An account on a computer system is an identity, which, in most cases, is authenticated before the owner of the account can make use of the computer. Accounts in the context here refer to users like you and me. Roles on the other hand are collections of rights and permissions commonly used together. As every user belongs to one or more roles roles essentially define what a user can do with his or her account in terms of managing a system or software.

The administrator role is usually the most powerful with individual accounts or groups of people’s accounts belonging to it. They are usually called administrators or admins for short, and have total access to the computer system(s). Those user accounts which do not belong to the most powerful role on the system under consideration are therefore called limited user accounts, or standard users. Usually, these people can run ordinary programs without making unintentional changes to the system.

As follows from the need-to-do general principle in IT security users shall not be given more rights and permissions than they really need for carrying out their jobs with the help of computers. At home, the same principle can be applied to your kids or spouse, and perhaps to protect the computer from yourself.

Limited User accounts prevent

• Changing computer configuration;

• Accidental deletion or modification of data and programs;

• Malware from installation, especially when surfing;

• Kids and corporate users from installing software of any kind;

• Using the computer for other purposes;

• Theft of information or intellectual property;

• Computers become unable to provide their intended service;

just to name a few.

Switching roles takes the need-to-do principle further with users belonging to privileged roles carry out their daily tasks, such as, for instance, writing an email, in the context of a basic role, as a limited user. Only when administrators have to install software or set up user accounts for example do they switch to an administrative role, e.g. by means of the UNIX su-command or Windows’‘Run As’. Windows Vista, for instance, prompts for administrative permissions when needed and even demands administrators to approve a change of security context. For software which does not permit role switching the workaround is having two user accounts, one as a standard or normal user, and the other account a member of the administrator role.

In addition to administrator and standard user there are usually a number of predefined roles with privileges between the two extremes to which user accounts can be assigned according to their duties. Furthermore can roles can be tweaked to provide further or deny excess permissions. Alternatively, it is possible to specify programs to be run with a privileged role which also overcomes the fact that limited user accounts sometimes cannot run legacy software by standard means.

In addition to the benefits of using limited user accounts does switching roles raise the level of awareness of one’s responsibility (role).

To improve computer security with little effort and no cost use limited user accounts by assigning roles to user accounts according to the need-to-do principle. Implement role-switching by using a limited account for your daily tasks only changing to the administrator role when prompted or in a need.