"When it comes to security, non-IT users should not have a say. Security regulatory requirements, such as HIPAA, FDCC, and more, clearly indicate that employees should be standard users and not administrators for their desktop. The reason is that non-IT users are typically not educated on security best practices for their computer and cause more damage than good when configured as an administrator."
This is a huge generalization that isn't always true. If you're talking about non-technical users in a call center for example, it may be true. But if you're talking about an engineering organization (such as a software or hardware company), where IT's job is to support highly technical engineering staff, this type of policy tends to be a huge waste of everyone's time. In those type of environments, IT staff can in some cases be the least technical users in the organization. Those are cases where it makes a lot of sense to give users administrator rights to their local desktops, and enable UAC to keep them aware of background process changes.
Discussion on:
Message 3 of 1
IBM Sponsored Resources
Resources from our Sponsor
- Oracle Exadata vs IBM: Netezza Compared
- Forrester TEI Report
- CIA Whitepaper
- Harnessing the Power of Advanced Analytics
- Tapping into Unleashed Business Potential with Advanced Analytics
- Unlock Analytic Performance with Revolution R for Enterprise and IBM: Netezza Data Warehouse Appliance
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
