Either you are in charge of a small business or part of the IT group with networks consisting of hundreds of servers, you face some similarities in certain areas of the business structure, one of them, and mostly a potential vulnerability and failure point, the final user. Usually, all users are set to have full privileges to their computer which allows them to install and remove applications, turn off services and edit configuration settings.
This kind of rights allow malware and other harmful software to easily spread and have control over devices like cameras or microphones, network cards, printers. Viruses usually take advantage of this and spread and infect you computers in your networks.
Often, the problem with users and software are due to downloads from untrusted sites, infected hard disks or USB drives, personal laptop computers and other media devices that can cause harm to the entire organization.
To prevent security incidents, a policy should be enforced so that limited user access is assigned, with least to know privileges. This should also address issues relevant to users moving from one department to another, which must have their rights reviewed and modified. Also, when a user leaves the organization, access to all information should be denied.
