Killing Administrator: Solving Three Problems by Removing Administrative Rights

It’s high time we killed Administrator.

Now before you run for the authorities, we’re not talking about killing the Administrator. That would be you, and that would be wrong. Rather, it’s time we eliminated the role of Administrator from our Windows servers and desktops.

Why?Inside Microsoft Windows, the notion of Administrator and administrator rights was never well designed in the first place. With that design, we’ve long been suffering under what amounts to a binary view of privileges: Do you have administrator rights or don’t you have been the only options at our disposal.

Yet simply killing off Administrator doesn’t solve the problem. Something must fill the hole its death leaves behind. In its place, IT dreams of a more granular approach to privilege management, one that aligns the actions users want to accomplish with those that you’ve specifically permitted.

Eliminating “the Administrator” from administrator rights solves three big problems that have plagued Windows administration for years. First, moving rights management away from its historical person-based approach brings us closer to the goal we’ve been dreaming about: Least Privilege.