Microsoft considers taking admin rights from employees
May 23, 2006 2 Comments
From the ZDnet article: As Microsoft moves its internal desktop systems to Windows Vista, the company is contemplating whether to change a long running tradition and take away admin rights from its employees in order to improve security.
This explain quite a bit I think. While some job functions absolutely need admin privileges, every employee at a company as large as Microsoft is a bit much. I think, though, it shows the mentality of the company when it comes to security. That mentality comes though in the end product, which has been historically ridden with security issues. This may also explain why so many applications that quite simply should not require admin privileges do – if Microsoft runs everyone as admin, that's the example that's being set. I've seen many companies give up and give people admin for the sole reason that it's the only way they can get things to work. Enter a decade of viruses, malware and fun. Good to see this mentality may finally be changing, although it's a bit late. Maybe in 5-10 years most Windows software will understand the proper security paradigm and the security issues will calm down. The Vista successor should be out by then ;)
–jeremy
Microsoft, MSFT, Vista, security, Windows, Open Source
Jeremy's Blog 
Very ironic :) I think, though, that this comes under “eating their own dogfood” – if they give everyone admin rights they can say “see, we believe in our security model so much that all our employees are admins”. The problem with that is that, in the IT industry, we forget that not everyone is techie minded. I wonder how many times they had to reinstall machines because of Gator or other rubbish software?
Now that Microsoft are becoming more security focused, eating their own dogfood means taking away those rights.
And I made the “dogfood” comments before I read the article!! ESP or what?