One Step Ahead: Security Tips from The Almanac


	Thursday, November 26, 2009

	Security "Greatest Hits"
	Managing Passwords
	E-mail Harassment & Forgery
	Hoaxes, frauds & scams
	Spam
	Phishing
	Wireless Networking
	Encryption & digital signatures

	Best Practices
	Secure desktop computing
	Secure servers
	Secure web applications
	Secure web development
	Secure data deletion
	Tips for safe computing
	Computing policies

	More in-depth information for
	Local support providers
	System administrators
	Application developers

	Security initiatives
	Critical host compliance
	Authentication & authorization
	Penn Security & Privacy Assessment (SPIA)
	Security Liaisons (Restricted Access)
	Secure Share
	NeXpose Vulnerability Scanner

	Related links
	Electronic privacy
	PennKey
	Viruses
	Worms, trojans, backdoors

One Step Ahead: Almanac Security Tips - 2009

In each issue, Penn's Journal of Record, The Almanac publishes helpful tips and hints for dealing with information security and privacy matters. This page is a collection of all those published thus far.

New! You can now receive new One-Step-Ahead Security and Privacy Tips automatically!
You can subscribe via Email or RSS.

Table of Contents (view all)

Search Engines: Raising the Stakes
You Can't Lose Data That You Don't Have
Password Cracking: The Pot of Gold at the End of the Rainbow
PennKey Opens Many Doors: Keep it Safe
Software Piracy
Collect Personal Documents and Computer Hard Drives for Free Shredding at the Employee Resource Fair
Don’t Use Excessive Privileges on Your Computer
Do You Google? Know How to Protect Your Privacy
Online Statements and Bill Payments: Safer Than Paper?
Updated Purchase Order Terms and Conditions Regarding Information Privacy & Security
Sanitize Word, Excel, and PowerPoint Docs Before Publishing
Exchange Sensitive Data Securely Using Secure Share
Facebook Sharing Can Be Broader than You Think: A Birthday Example
Managing Facebook's Privacy Settings for Safe Use
Be Careful with Facebook Apps

Whats popular?

social networking software privacy phishing home computing SSNs wireless hackers keyloggers mobile devices security passwords virus documents www identity theft spam email

Tagged with security

Tuesday, July 14, 2009 - Almanac Vol. 56, No. 1

Don’t Use Excessive Privileges on Your Computer

Computer privileges are like scissors; it’s not safe to "run" with them.

Windows and Macintosh computers assign users specific capabilities. On a Mac, they are called "privileges." Windows calls them "rights." The most privileged account, "Administrator," has privileges to create new accounts, read or delete any file, modify the operating system and much more.

Few such privileges are needed for most day-to-day computer activities like reading e-mail, using a web browser, or creating documents or spreadsheets. All that is needed for most activities is the limited set of privileges that come with what Mac and Windows both call a "standard" account. Typically, Administrator privileges are only needed occasionally, to apply software updates, for example.

If, as a result of visiting a malicious website or opening an infected e-mail attachment, you were to unknowingly activate a computer virus on your computer, it would have all of the same privileges as the account you are running. If you are running as a standard user, without Administrator privileges, over 90 percent of malicious software will be unable to compromise your computer.

Of course, it is necessary from time to time, to use Administrator privileges. But by using those privileges only when needed, you dramatically increase your security.

Please check with your Local Support Provider if you're not sure which account you are using.



Information Systems and Computing University of Pennsylvania Comments & Questions