Reclaiming the Keys to the Kingdom: Higher Ed Admin Rights

At many academic institutions, faculty and staff are still granted local administrative privileges on their computers. This is a security risk long since shunned in the corporate world, and for good reason: Microsoft research indicates that 80% of critical vulnerabilities could be mitigated by removing admin rights. Largely due to institutional inertia, local admin rights are still routinely granted in academia, which creates unnecessary risk. This interactive presentation will present original research in this space, survey attendees on the approaches at their institutions, and demonstrate some policies and solutions in use at the University of Virginia.

Outcomes: Learn about common approaches in academia for providing administrative access through the use of survey data * Gain a clearer understanding of the risks involved when faculty/staff use admin accounts on a daily basis * Understand realistic approaches (more nuanced than "take admin rights away from everyone!") that work in higher ed