Least privilege? Disabled macros?


(RMazzaro) #1

Are your using the principle of least privilege with your users? Have you disabled macros in your Office Suite?

We did a few years ago and we are glad we did. Disabling macros is pretty easy also. With the threat environment that exists today, these ‘simple’ measures can go a long way to protecting your users!


(Edwin Eekelaers) #2

Users and less then near zero privileges are incompatible because the more they can do the more they will mess up…


(Justme) #3

Least privilege absolutely. Software restrictions policies also go a long way to prevent certain strains of virus and malware. Macros are disabled by default but some departments do use them so they are an exception unfortunately. We are also exploring the option of not installing java and flash on workstations (formerly required for some vendor web apps we use) now that html5 and other alternative avenues allow for web use without flash and java.