Free! Registration is required.
As the requirement to comply with industry and government regulations, such as PCI DSS and Government Connect (or FDDC in the States), becomes more established, securing data as it passes through personal computer systems is crucial to satisfying auditors and ensuring that security breaches don’t result in expensive data loss.
It’s common practice for employees to log in to Windows PCs with administrative privileges to carry out everyday tasks, dramatically increasing the risk that malware, such as viruses and key loggers that steal passwords and sensitive information, can install without the user’s knowledge.
While it’s often considered that antivirus software and firewalls provide enough protection to block malware on PCs, these solutions are regularly thwarted and are only effective if part of a defense-in-depth security strategy.
This whitepaper discusses the concept of least privilege security for personal computers, why it’s needed to meet requirements set out by regulatory bodies and how to overcome problems in its implementation.