Monday, August 23, 2010

Review of Least Privilege Security Posted


Amazon.com just posted my four star review of Least Privilege Security for Windows 7, Vista and XP by Russell Smith. From the review:

Russell Smith's Least Privilege Security for Windows 7, Vista, and XP (LPS) is a helpful contribution to the toolbox of many enterprise system administrators. Numerous organizations are finally realizing that the Internet is too hostile an environment to let normal users function with elevated privileges. Although by no means a panacea for preventing intrusions, users operating with least privilege are somewhat more able to resist some attack vectors. Beyond resisting attacks, users operating with least privilege are more likely to meet organizational rules. Thanks to LPS, administrators running Windows 7, Vista, and XP can apply the author's lessons and guidance to their own environment.

2 comments:

Clive Robinson said...

Richard,

The problem with least privilege is it tends to deal with attacks against the system not attacks against the information.

In practice a user (should) operates at what ever privilege alows them to get their work done.

For those wishing to get access to the information as oposed to the system the user is working on then the least privilege of the user will always be sufficient for the attack to succeed.

We are starting to see malware that targets information files (PDF / Word files etc) so least privilege whilst necessary is not, in of it's self by any means sufficient these days. Especially as more and more backend systems are accessed through middleware with an XML over HTTP client interface. And the client browsers in use have very little or no security or seperation between the various information services it may be connected to.

Derek Melber said...

Clive,

You have very good points here with regard to access to resources, such as PDF and Word, however, I think that the overall point might still be missed.

Richard is working on solutions, as I have been for the past 7 years, on getting corporate networks to understand the important reasons to have users running as least privilege users.

The fact that the user might have insecure data on their computer has NOTHING to do with least privlege. That is a corporate security issue, which is allowing users to store data locally.

With Windows 7, UAC, and solutions such as BeyondTrust Privilege Manager, corporations are able to now have all users (standard and admins) run with least user privileges, removing the VERY HIGH RISK and exposure that running as local administrator poses.

Protection of the local data has nothing to do with this issue!

Derek Melber, MVP