Implementing the Principle of Least Privilege


Companies need to balance securing their network environments with maintaining maximum user functionality. The Principle of Least Privilege stipulates that users should have only the permissions and privileges necessary to perform their daily functions and tasks. Administrators, likewise, should perform routine, nonadministrative tasks using a restrictive account that has just the permissions and privileges those tasks require. When administrators need to perform specific tasks that require extensive permissions, they can either use an administrative account containing the elevated permissions and privileges or use the Runas command to access administrative applications, tools, and utilities that require the broader permissions.

Using the Runas command or an account with minimum permissions ensures that if security is compromised, the impact of the security violation is minimized by the limited privileges of the user or administrator account. Using the Runas command is also efficient; you save time by not having to log off and then log back on again. Remote computer management using the Active Directory Users and Computers console with administrative credentials can also be accomplished using the Runas tool. For example, to use AD Users and Computers with domain admin credentials, type the following:

 Runas /user:<YourComputerName>\administrator "mmc %windir%\system32\dsa.msc"
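To check that a routine logon session really is running without administrative rights before relying on Runas for elevated tools, the session's own token can be inspected. The following is an added example, not taken from the book; it assumes Windows PowerShell is available on the machine, and the function name Test-SessionPrivilege is hypothetical.

```powershell
# Added example: report whether the current logon session carries
# administrative privileges (Test-SessionPrivilege is a hypothetical name).
function Test-SessionPrivilege {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator

    # Well-known SIDs: S-1-5-32-544 is BUILTIN\Administrators;
    # a domain SID ending in -512 is that domain's Domain Admins group.
    $privileged = @($identity.Groups | Where-Object {
        $_.Value -eq 'S-1-5-32-544' -or $_.Value -match '^S-1-5-21-.+-512$'
    } | ForEach-Object { $_.Value })

    [pscustomobject]@{
        User               = $identity.Name
        # On systems with UAC, a non-elevated session reports $false here.
        IsAdministrator    = $principal.IsInRole($adminRole)
        PrivilegedGroupSid = $privileged
    }
}

$result = Test-SessionPrivilege
if ($result.IsAdministrator -or $result.PrivilegedGroupSid.Count -gt 0) {
    Write-Warning ("{0} is logged on with administrative group membership; " +
        "use a restricted account for routine work and Runas for " +
        "administrative tools." -f $result.User)
} else {
    Write-Output ("{0} is running without administrative privileges." -f $result.User)
}
$result
```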


MCSA/MCSE Managing and Maintaining a Windows Server 2003 Environment Exam Cram 2 (Exam Cram 70-292)
ISBN: 0789730111
EAN: 2147483647
Year: 2006
Pages: 132
