- Dec 23, 2014
- 8,118
Using 'Standard User Account + Windows Hardening' is a beautiful idea in its simplicity, effectiveness and low-resources requiring. For example: what for to scan the scripts, if their execution can be restricted/disabled by the system policy? As about Standard User Account, it can mitigate alone, about 80% Windows malware (including exploits and 0-day malware).
The above is a good solution, if the user knows when and how he/she should un-harden the system or can be advised by the more experienced user.
Edit.
The cons is that many users who could use it, are using Administrator Account in fact. They have a strong need to test security software and change system settings frequently, so using Standard User Account is rather painful. But anyway, such security solution can be adopted by an experienced user on computers of family members or friends, if he/she has the ability to advise and help them from time to time.
The above is a good solution, if the user knows when and how he/she should un-harden the system or can be advised by the more experienced user.
Edit.
The cons is that many users who could use it, are using Administrator Account in fact. They have a strong need to test security software and change system settings frequently, so using Standard User Account is rather painful. But anyway, such security solution can be adopted by an experienced user on computers of family members or friends, if he/she has the ability to advise and help them from time to time.
Last edited: