Managing the risks of local administrator privileges in a zero-trust world

Limiting user permissions and adopting practical strategies for managing privilege access for local administrators are essential for achieving a robust zero-trust framework, says ThreatLocker Co-Founder and CEO Danny Jenkins in a new podcast for CyberScoop.

“Local administrator privileges pose a significant risk because they allow users to disable security tools, boot systems into safe mode and bypass essential protections,” says Jenkins. He added that this risk has grown due to the ability to execute these actions remotely. “Even if ransomware doesn’t require admin privileges to run, having those permissions can make it easier for attackers to disable defenses,” he says.

One major hurdle organizations face in restricting local admin rights is legacy software. “Many older applications were designed for environments where everyone was a local admin,” says Jenkins. “This makes transitioning to least privilege access a challenge, especially for specialized software critical to business operations.”

To tackle these challenges, Jenkins advocates for implementing Enterprise Privilege Management (EPM) solutions. Key features of these tools include rotating local admin passwords and allowing specific software to run with elevated privileges without granting users full administrative access. “The goal is to ensure security without compromising productivity,” he says.

Balancing security with user productivity is another crucial consideration. Jenkins stressed that most users don’t need admin rights for day-to-day tasks. “The reality is, users can run their applications without admin privileges, and if they need elevated access, EPM tools enable them to request it seamlessly,” he says.

Effective communication is also vital for successful implementation, according to Jenkins. “Today, it’s easier to justify removing admin rights because ransomware and cyberattacks dominate the headlines,” he says. Providing clear guidelines and support for users ensures cooperation and minimizes friction.

For government IT professionals, adopting these practices is a critical step toward fortifying defenses in an increasingly complex threat landscape. “It’s about creating a culture of understanding and accountability,” says Jenkins.

Listen to the entire podcast conversation on CyberScoop. Learn how ThreatLocker helps government agencies protect their credibility and sensitive data.