Administrator Account Indicator

This suggestion is based on the research into the security benefits of using a Windows Standard User account, highlighted in the following thread:

 

New Study Shows Benefit of Not Running as an Administrator

 

Every month, in their blog posts about Microsoft Patch Tuesday, Symantec also highlights that running all software with the least privileges required while still maintaining functionality is considered to be a security best practice:

 

As always, customers are advised to follow these security best practices:

 

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

This suggestion aims to take a proactive approach in protecting users by having their Norton product unobtrusively remind them about their elevated level of system access whenever they are logged into a Windows account that has Administrator privileges. This reminder would be achieved by overlaying the Norton icon in the Notification Area with a red ‘A’ (for Administrator):

 

 

NIS Taskbar Icon - Administrator Account.png

 

 

The purpose of this red overlay would be to remind users that an Administrator account should only be used for performing tasks that require Administrator privileges and nothing more. An account with Administrator privileges is not to be used as an everyday account; that’s what Standard User accounts are for. The red overlay serves as a reminder for users to log out of their Administrator account once they've completed their Administrator tasks and to log back into their Standard User account (where the red overlay will no longer be present).

 

As with other Norton protection features, a setting would be provided that allows the user to turn off this red overlay. When set to Off, the red overlay would no longer display on the Norton icon whenever the user is logged into an Administrator account. This setting would be managed by an On/Off slider in Norton Internet Security’s Advanced user interface (or equivalent in other Norton Security products).

 

End-user education, by having Norton security products highlight the risk associated with using an Administrator account for everyday computing, is the intent of this suggested feature.

 

For consideration.