Whenever you tell someone that you are taking away some of their rights and privileges, they get up in arms about it. Some will understand what you are doing, but you will always find a few dissenters who don’t like having something that they perceive as a “right” taken away from them. While outspoken voices can be great for promoting fairness and change in some areas of life, when it comes to your business, you have to remember that you are the boss. Just because they have a computer sitting on their desk, that doesn’t mean that your network and system are theirs to use as they see fit.
As you already know, simply having your computer system networked and on the web means that you are a target for viruses and malware, as well as a host of other problems. You need to make sure that you keep your system safe, and by using the least privilege principle, you will be able to do that. However, you should take the time to let your employees know what this is and what kinds of changes it is going to entail. Even though they don’t have the right to stop your company from implementing the changes, it is nice to give them a heads up and explain to them why you are doing it.
With the least privilege principle, you are going to eliminate the full system rights of many of your employees. The reasons for doing so are simple. They don’t really need to have all of those access rights because they simply don’t need those rights to do their job. Also, this reduces the chance of something bad happening to your system, either inadvertently or on purpose, by something that one of your employees does. Let them know that you aren’t taking away those admin rights because you don’t trust them; it’s that you don’t trust the hackers and viruses that are proliferating on the web!
Most of your employees will understand this and they won’t gripe about the least privilege principle. Some may, but don’t let them worry you. Just keep your company’s safety in mind. With the right knowledge, the best password management software and a great IT department that knows how to keep things running, you will be able to handle any security issues that might come your way. Start planning and implement this software before it is too late.