Corporations need to protect their networks from uninformed employees. Corporations also need to equip well-informed employees with the ability to defend the network. This is where some fail.
Given: No corporation wants their entire company-wide network to be shut down due to careless Internet habits of a few employees.
Given: No corporation wants to spend money to get support personnel to bail out naive individuals who unknowingly delete their operating systems.
Given: Viruses, worms, trojans, and hackers can cause huge problems for computer networks, especially due to the easy transmission of malware through company intranets.
The Problem: There are always some employees that have the technological know-how to combat these security threats, remove viruses, stop the spread of malware, etc. Many of these employees do not have the administrative rights necessary to actually do anything useful in this regard.
When you are sitting in your office and the network is blitzed with a trojan, and your Symantec Antivirus points it out but can do nothing because you aren’t an administrator, it is inevitable that you cry out, “Why me?”
Problem Number 2: Sometimes, even the managers that have administrative access are not allowed to use it to their advantage due to conflicts with company policy.
Now, certainly a company wants to be careful of what is allowed on their computer systems, but if your systems are already crashing, and you are faced with reformatting, what could it hurt?
The Washington Post’s SecurityFix’s “Media Worm?” blog post reported on August 17, 2005 that large media companies such as CNN, ABC News, and the New York Times were attacked by the Zotob worm. My employer also suffered the effects of this worm. Unfortunately, we lacked official in-house technical support personnel to combat the worm. Of all of the computers that were logged into the network when the worm attacked, mine appeared to be the only one that was not infected. However, Symantec Antivirus did detect several incoming virus threats, and succeeded in defeating them instantly as they came.
The only way to counteract most viruses and worms, however, is to use an antivirus solution with administrator access. Without administrative rights, antivirus almost always fails to remove the threat, since it is not allowed to alter system files and files in use due to file access restrictions. In such a case, an annoying “Leave Alone succeeded” message is received, even though it seems rather pointless to claim that leaving the threat alone on the computer is any form of success.
If my boss had been allowed to distribute administrative access, even temporary administrator rights, to the employees under him, it would have saved him a lot of headaches and would have allowed the defense systems set up, such as antivirus, to perform the function for which they were created. Our company suffered at least four virus attacks one summer that caused several people to be unable to work. The Zotob worm was just the newest case of these problems.
Solution: It is important to be careful. Paranoia goes too far. Allow those with administrative rights to share their privileges with qualified individuals. Make it easier for an individual to gain, at least temporarily, administrative rights to his own computer in accordance with his manager’s permission. This would save a lot of headaches, especially for those dealing with a lack of “official” in-house technical support personnel. Instead of crippling a network under corporate bureaucracy, let the strengths of technically gifted employees shine to the benefit of company efficiency.