Avoid using default administrator privilege account
By default, when colleagues logon desktop computer in office or set up a new personal notebook computer, an administrator privilege account profile will be created. This account allows user to set up the computer and install any software with complete control over the Windows and unrestricted access to the computer.
However, logon as an administrator account, exploits are more easily to install malicious software such as malware and spyware for modifying and deleting files, and attacking other campus computers without you knowing.
Colleagues should use a standard user type account for daily use.
- Standard user type account can be a local account or ITSC domain account. It can access most of the applications and make changes on most of the system settings. If any action attempted requires administrator rights, such as install a new software, Windows will display a prompt for an administrator account and password for approval.
- Administrator type account has complete control over the Windows. It can change any system settings and access all files and programs on the computer, and even other campus computers on network.
- Use only standard user type local account or ITSC domain account
- All ITSC domain account profile should change to standard user type
- Remove account profiles which are no longer in use
- Step-by-step guide for implementing the above security measures
- For assistance, please approach your departmental Computer Security Coordinator (CSC)