There is a long held and publicly accepted belief that Mac computers and Linux based computers are more secure than Windows machines. Even Apple has jumped on this band wagon with some of their commercials, remember the cool Mac dude versus the nerdy older PC guy ads? Well we are writing this week to debunk some of the myths behind this statement and tell you Windows users there is no reason to throw your virus laden laptop to the curb and go looking for a Mac.
The primary argument the MAC and Linux crowd makes about Windows being less secure has to do with the fact that on default install on Windows, yes even 7, is that the first user installed is an Administrative user with full access privileges to the operating system and files, whereas Mac and Linux force the creation of a non-admin user (non-root) on installation. Does this make Windows less secure? Well the answer is yes by default. Microsoft could easily alter this with a few changes to their installation program, why they have not escapes me. But I can tell you our best practice and the industry’s accepted solution to this is to simply create another user or users to be used for day to day use as a non-admin user, and to reserve the admin account for installing software and maintenance. This works for both home users and network users.
By not allowing the currently logged in user full access to the operating system, any virus that does get past your defenses, can only do so much damage, typically only to user files not to the OS unless you give it permission to do so, by guess what, typing in your admin account. That is the same way OS X and Linux work. When you want to do something you are not allowed, they prompt you for an admin account to allow it. By restricting access to the system in this way, a virus cannot do a whole lot of damage.
This is a simple fix. Yet time and time again, we get home user PC’s in the shop to fix for virus issues only to find out they are running as the default user admin. I honestly believe if users would do this one thing to protect themselves it could cut virus infections in half overnight, worldwide.
Setting Up A Non-Admin User For Daily Use
So how hard is it to setup a non-admin user in Windows? So easy in fact the steps are below (7 for Windows 7 and Vista, and 5 for XP)
How to set up a Non-Administrator User Account
Windows 7 or Windows Vista
1. Click the Start button
2. Click Control Panel
3. Click Add or remove user accounts under User Accounts and Family Safety
4. Click Create a new account
5. Create a name for the new account
6. Select Standard user
7. Click Create Account button
Windows XP
1. Click Start > Control Panel > User Accounts
2. Click Create a new account
3. Create a name for the new account
4. Under Pick an account type select Limited
5. Click Create Account
Easy right? So take a minute and do this on your machine. Yes I am waiting, go on do it now. Who knows, the PC you save, maybe your own if you will do this.
DISCLAIMER – If your software will not work with you not running as admin, that is not our fault. Talk to your developer or software provider. The bottom line is that most software that cannot run without being a logged in as an admin user is poorly written software written by a lazy or ignorant programmer. There are tools and certain software that must have admin rights for sure, but they should not require you as a user to be logged in as one to use it.