Microsoft Windows Security Auditing: you may be wondering, how can I protect my Windows computer? Isn’t it enough to install antivirus and anti-malware software to stop malicious software from spreading?
The answer is NO. It is not enough to install antivirus and anti-malware software to browse the web safely. This type of software does, of course, help protect your computer from getting infected. However, there are more things you should do to add an extra layer of security.
Continue reading our how-to guide below.
What is your Local Admin Account?
On every Microsoft Windows computer, there is a default local administrator account. The admin account has the rights and the power to do anything you want. For example, the administrator can download any software, install anything, or remove any program installed on the computer. As a home user, you may think that it is normal to use the admin account for your everyday tasks. However, keeping the admin account for emergency use improves your PC security.
In many companies, employees cannot take such actions with their normal user account. Users must ask their IT manager to allow them to install software or take an action that may change something on their computer. The reason for adopting this or similar security policies in companies is to protect users’ endpoints from infection. In other words, if a user downloads a malicious file, the file cannot be executed unless it is approved by an admin. As a result, the user’s workstation will not get infected by a virus.
User Account Control (UAC) dialog box
In case you didn’t notice, when installing software in Windows 10/11, most of us who use a local admin account just have to click Yes inside a User Account Control (UAC) dialog box. The image below shows a UAC dialog that asks the user to enter admin account credentials to allow the installation of a file. This is a typical scenario in large organizations. Requiring the user to enter the password of another account gives us a second chance to think about whether the software is valid and should be installed.
Usually, the UAC box appears when the user’s action needs elevated privileges. This occurs even if you are already using an admin account, to remind you that the action needs admin privileges. So the Yes button gets clicked without even thinking about it.
If you are installing software from a legitimate source, you may not even think about clicking No in the box. However, when downloading software from various untrusted sources, a No answer may help you avoid getting a virus.
Why use a non-admin account?
The simple trick that we suggest to increase the security of your Windows PC is to use a normal non-admin account for your everyday computer use. Then, you can create a separate local user account to act as administrator. And, as explained previously, every time you take an action that requires elevated permissions, you will have to enter the credentials of the admin account.
The justification for doing this is rather simple. There is a chance that your computer gets infected with malware and that the malicious software bypasses the User Account Control (UAC) dialog box. That means the malicious actor will have the same privileges as your admin account. An attacker might install more malicious software, launch a command line application with elevated privileges, remove user accounts, and more by abusing the role of administrator.
Restricting admin rights to a different account reduces those risks but does not completely eliminate them. Your administrator password, for instance, could be stolen by a keylogger installed on your computer, and a UAC dialog box can fool you into doing something you didn’t mean to. Even so, using a regular, non-administrative account increases your security.
Although you won’t be able to just click Yes or use your current account password, you will still be able to authorize practically all of the tasks you currently perform from your regular account.
How to create a local admin account on Windows
Microsoft has a good detailed guide on how to create a local account on Windows. You can find the link here and follow the instructions.
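The account separation described above can also be done from an elevated PowerShell prompt. The script below is an added example, not taken from Microsoft's guide: it audits who is currently an administrator, creates the separate admin account, and only then demotes the everyday account. The account name LocalAdmin is a hypothetical placeholder, and the everyday account is assumed to be a local account rather than a Microsoft account.

```powershell
#Requires -RunAsAdministrator
# Added example. 'LocalAdmin' is a hypothetical name for the separate admin
# account; $DailyUser is assumed to be a local (not Microsoft) account.
param(
    [string]$AdminName = 'LocalAdmin',
    [string]$DailyUser = $env:USERNAME
)
$ErrorActionPreference = 'Stop'

# Resolve the built-in groups by well-known SID so this also works on
# non-English installations where the group names are localized.
$admins = Get-LocalGroup -SID 'S-1-5-32-544'   # Administrators
$users  = Get-LocalGroup -SID 'S-1-5-32-545'   # Users

function Test-Member($Group, $Name) {
    # Local members are reported as COMPUTERNAME\account.
    (Get-LocalGroupMember -Group $Group).Name -contains "$env:COMPUTERNAME\$Name"
}

# 1. Audit: who holds administrator rights right now?
Get-LocalGroupMember -Group $admins | Format-Table Name, ObjectClass, PrincipalSource

# 2. Create the dedicated admin account if it does not exist yet.
if (-not (Get-LocalUser -Name $AdminName -ErrorAction SilentlyContinue)) {
    $pw = Read-Host -AsSecureString "New password for $AdminName"
    New-LocalUser -Name $AdminName -Password $pw -Description 'Elevation only' | Out-Null
}
if (-not (Test-Member $admins $AdminName)) {
    Add-LocalGroupMember -Group $admins -Member $AdminName
}

# 3. Safety check: never demote the daily account unless another enabled
#    administrator exists, otherwise nobody could approve UAC prompts.
$ok = (Get-LocalUser -Name $AdminName).Enabled -and (Test-Member $admins $AdminName)
if (-not $ok) { throw "$AdminName is not a usable administrator; aborting." }
if ($DailyUser -eq $AdminName) { throw 'Daily and admin account must differ.' }

# 4. Keep the daily account in Users so it can still sign in, then remove
#    it from Administrators.
if (-not (Test-Member $users $DailyUser)) {
    Add-LocalGroupMember -Group $users -Member $DailyUser
}
if (Test-Member $admins $DailyUser) {
    Remove-LocalGroupMember -Group $admins -Member $DailyUser
    Write-Host "$DailyUser is now a standard user (effective at next sign-in)."
}
```

Sign in once with the new admin account to confirm the password works before relying on it for UAC prompts.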