Regular Web browsing and email phishing put Windows workstations at constant risk. Endpoints are where many of the greatest risks to enterprise security lie, and giving users control over those endpoints only opens networks to more risk. Local admin rights give the user too much power. Many users - especially the higher-ups - don't want to feel handcuffed or slighted because they don't have complete control, so admins let users be the masters of their own devices.īut in many cases, the decision about whether to allow local administrator rights or not is based on emotion rather than facts, and admins cannot let such feelings determine how they manage security. They can download any application, use any program, and even ignore or undo anything IT administrators do to their devices.
When users have local admin rights, they have the power to do almost anything they want to their workstations.
