Rogue Administrator Rights

Administrative rights can be one of the most potent weapons for malicious intent. A user cyber-criminal with administrative rights is able to install or change any software on your business systems.

Limiting administrative rights should be an essential part of your IT infrastructure in order to properly secure access to system controls. However many companies do not have appropriate measures in place to counter the threat of unchecked admin rights as they are simply not aware of the risks that are posed. Here are some of the common ways in which full administrative rights expose your business to cybercrime.

Access All Areas & Invite Others

Administrative rights enable users to install new software, add acounts, and change the way in which your systems operate. They also mean your users can "own" any file on your network - privileges always beat permissions.

This means that admin users can change ownership of relevant documents or folders, and either restrict acess, copy, or transfer data without any other authority - even tampering with protected security policies. By offering the ability to directly access and change specific registry keys, administrative rights allow users to navigate around central management policies whenever they choose.

The freedom to create new accounts and set privilege levels means that any compromised local administrator account can create multiple new local admins in future. This access poses a serious risk to security, with the potential to give lasting access to malicious users, whether internal or external, as well as any accomplices.

Laying traps

Once a malicious individual gains access to a user’s desktop, they can turn their attention to corrupting the entire corporate network. With the ability to freely access any part of the operating system or network, miscreants with admin privileges can also prepare 'traps' for users with higher privilege, such as domain admins.

Unrestricted admin rights, therefore, pose a significant risk around privilege escalation attacks and lateral movement. The ability to manage certificates for the local machine means admin users also risk exposing others to phishing and man-in-the middle attacks.

For example, by installing a fake certificate authority, malicious users can trick others into believing they are visiting trusted sites or receiving information from a trusted source, leading to the gathering of sensitive information or the installation of malware.

Spying on the network

Capturing network traffic allows the potential for admin users to find vulnerabilities within a network. The use of port scanning tools is a common means for those with administrative privileges to identify network services running on a host and to shore up their defenses. But in the wrong hands, this will also allow malicious users to find and exploit vulnerabilities in the corporate system.

Covering tracks

The freedom to install, update or remove any application or software can inadvertently leave the IT environment open to vulnerabilities. End-users do not necessarily know the full implications of their actions; this unawareness can pose a serious risk to system stability and data security.

One example is that admin users can create scheduled tasks to run as System: applications can be configured to run bypassing User Account Control protocols, while processes can be run as Systemtoo. This means malicious software can be embedded and set to trigger in future, running in the background to existing applications.

The ability to make any changes within an IT system offers cyber-criminals the ability to cover their tracks in cases of misdemeanor. They can delete applications, system and security event logs to cover up any wrongdoing with relative ease.

These examples show that once a hacker infiltrates an endpoint with full administrator privileges, they can quickly wreak havoc within an organization, and the best can remain undetected.

Operating in an environment of 'least privilege' means organizations can develop a stronger security posture, without the need to limit operational agility. Businesses must understand that withdrawing administrator rights will reduce the attack surface for malicious individuals while maintaining the ability of personnel to be productive in their role.

A full systems audit from WellandTech is likely to be much less expensive than you may thing - and will go a long way to ensure your network is operating securely and effectively. Contact us today for a no obligation chat about how we can help.

Mobile Friendly Sites

Is your site mobile friendly? If not, this may mean users may have an inconsistent appearance or strange font sizes, and they may even have to double tap or pinch to zoom to be able to see and interact with content.

Possibly worse than this, Google will judge a page as not mobile friendly because it requires these interactions, and this will heavily impact your overall SEO score, and your ranking in search listings. Contact us today for a website analysis and see what we might be able to do for you.

Eat Drink & Be Jolly!

Eat, Drink, & Be Jolly is the motto for The Jolly Farmer, a village pub located in Moulton Chapel, just outside of Spalding, and a motto at WellandTech we are pleased to get behind!

The Jolly Farmer is one of the few independently run pubs in the area providing a fantastic location for you to have a fantastic time. With regular live entertainment, live sports coverage, as well as a large beer garden with children's play equipment and ample seating. Well behaved owners are more than welcome to accompany their four legged friends!

The Pub was using a templated website without their own URL. WellandTech developed a clean and modern mobile friendly website, with a contact form and all of their popuplar restaurant menus. Since the site has been live, the business has seen a noticeable increase in the number of bookings coming through via e-mail, the contact page, and even telephone bookings referred through the website. To see how a new website could benefit your business, please contact us today for more information.

Streaming Local Radio

WellandTech provides hosting, 24/7 streaming, and mass distribution services to local internet radio station The Sound Of Spitfire.

Sound Of Spitfire is an Internet based Radio Station that is focused on delivering the best in International, National and Local News, Wide-Ranging Entertainment Shows, Local Information and Community Interest for the people of Spalding and the South Holland district.

The station is broadcasting on-line 24/7 with a range of programmes aims to entertain and inform. With local and national contributors providing a diverse mix of music, chat and news.

Being an internet station, internet connectivity and availability is of the upmost importance, and Spitfire had been let down several times by an existing provider. Listeners were either unable to connect, or had a connection that kept dropping out, or was of a low quality. At WellandTech we were able to redesign the stations technical back end to ensure that connection was fast and always of the highest quality.

The Ship Albion Spalding

We are proud to be able to support The Ship Albion (Spalding). Situated just a few minutes walk from the heart of Spalding, a peaceful market town in the South Lincolnshire Fens, midway between Boston and Peterborough. The Ship Albion is well known for combining a contemporary look and feel with more traditional pub values.

The Ship Albion has a fine selection of guest rooms and is in the perfect location to extend your stay in Spalding. All of their stylish rooms offer a relaxing stay away from home and have comfortable beds for a perfect nights sleep, as well as en-suite bathrooms and complimentary Internet access.

The Ship had a tired and unfunctional website, that was not mobile friendly. WellandTech have modernised and updated the site, as well as working closely with the business on their other technical systems, including EPOS, and CCTV.