Utility Programs

A utility program is usually smaller than a standard application and refers to a program that is responsible for managing system resources and adding functionality to your computer. This can include screen savers, icon tools and other desktop enhancement features.

A privileges utility program is an application that requires elevated (administrative) privileges to perform the specific task. This can include endpoint security tools, such as anti-virus software, software updates, device/process managers, disk encryption and software firewalls.

Allowing employees access to privileged utilities from their standard user account introduces security risks into the network. This allows malware to cause much more damage as it can run with the privileges of the utility program.

Therefore, it is advised to ensure that administrative accounts are not utilised to conduct daily business functions such as sending e-mails and browsing the web. These accounts must only be utilised when conducting tasks that require admin privileges. Equally, standard users should not be given administrative rights over specific utilities/programs. If a standard user account is used and a privileged utility program is executed, it will prompt the User Access Control (UAC) and administrative credentials will need to be entered. Access to privileged utility programs should be heavily restricted to employees except those who require it to perform their daily tasks.

If the user requests access to a privileged utility, justification should be provided, and it should be reviewed by a person with authority within the organisation. Additionally, it is advised to identify and disable all unnecessary utility programs on the machines as well as monitor and review the event logs on a regular basis in order to identify any suspicious behaviour or misassignment of correct account privileges within the organisation.