Security Benefits of UAC
Don’t discard the security benefits of User Account Control (UAC). UAC is a built-in Windows 7 tool that protects your system; more importantly, it is a security feature that informs you when an action requires elevation of privileges. For more details about UAC go here and here.
It is recommended to use UAC as part of a defense-in-depth security strategy. The best practices for using UAC in an organization can be summarized as follows:
- Leave UAC enabled for client computers
- Educate all users to log on with standard user privileges – even IT staff!
- Where possible, do not give users accounts with administrative privileges on their local computers; each user should have a single account with only standard user privileges.
- Domain administrators should have and make use of two separate accounts – a standard user account that they use to log on to their computers, and a second Administrator account that they can use to elevate privileges.
- Setting the UAC policy "Behavior of the elevation prompt for administrators in Admin Approval Mode" to "Elevate without prompting" will make administrators more productive but increases the security risk in your environment. Allow this scenario only if administrators use a standard user account for day-to-day privileges and only log on with an administrator account when managing a computer.
- Educate users with local administrators’ credentials not to approve a UAC prompt if it appears unexpectedly. UAC prompts should appear only when a user is installing an application or starting a tool that requires elevated privileges. Unexpected prompts may mean activity by malware! Reject the prompt if in doubt to stop any unwanted changes to your system.
- Test all applications in your environment under a standard user account to verify that they function properly without administrative privileges. If they do not, request an update or consider replacing these applications with newer versions.
- When users do require elevated privileges, administrators can provide the necessary credentials either by using remote assistance or by physically typing the administrator credentials while at the user’s computer.
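
One way to check a client computer against the first and fifth recommendations above, as an added PowerShell example that is not part of the original article. It only reads the standard UAC policy values from the registry; the function names Get-UacValue and Test-UacPolicy are chosen here for illustration.

```powershell
# Added example: read-only audit of the local UAC policy values.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# ConsentPromptBehaviorAdmin backs the policy "Behavior of the elevation
# prompt for administrators in Admin Approval Mode".
$AdminPrompt = @{
    0 = 'Elevate without prompting'
    1 = 'Prompt for credentials on the secure desktop'
    2 = 'Prompt for consent on the secure desktop'
    3 = 'Prompt for credentials'
    4 = 'Prompt for consent'
    5 = 'Prompt for consent for non-Windows binaries'
}

function Get-UacValue([string]$Name) {
    # Returns $null when the value is not present under the policy key.
    $item = Get-ItemProperty -Path $UacKey -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

function Test-UacPolicy {
    $lua     = Get-UacValue 'EnableLUA'
    $admin   = Get-UacValue 'ConsentPromptBehaviorAdmin'
    $desktop = Get-UacValue 'PromptOnSecureDesktop'

    # Flag only explicit weak settings; a missing value is reported separately.
    $findings = @()
    if ($lua -eq 0)     { $findings += 'UAC is disabled (EnableLUA = 0).' }
    if ($admin -eq 0)   { $findings += 'Administrators elevate without prompting.' }
    if ($desktop -eq 0) { $findings += 'Prompts are not shown on the secure desktop.' }
    if ($null -eq $lua) { $findings += 'EnableLUA is not set; verify the effective policy.' }

    $mode = if ($null -ne $admin -and $AdminPrompt.ContainsKey([int]$admin)) {
        $AdminPrompt[[int]$admin]
    } else {
        "not set or unrecognised ($admin)"
    }

    New-Object PSObject -Property @{
        Computer        = $env:COMPUTERNAME
        EnableLUA       = $lua
        AdminPromptMode = $mode
        SecureDesktop   = $desktop
        Findings        = $findings
    }
}

Test-UacPolicy | Format-List
```

An empty Findings list means none of the weak settings named in the list above was found; values delivered by Group Policy appear under the same registry key.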