Security

Local Administrator Policy

Use a standard account when operating a computer on a daily basis. A standard account is an account that has ONLY the authorizations you need to do your work while protecting you from malware.

Some legacy applications do not work with typical user account privileges and adjustments may be needed. In this case, contact the software vendor and/or local IT staff to adjust the application or configuration.

If there is a need for an administrator privileged account, contact your IT staff.  Based on the need, a temporary secondary account with administrative privlieges can be set up for required tasks. 

Using a standard account is a best practice and is required for systems interacting with Category 1 data (per 4.5.14 of the UT Minimum Security Standards). For computers using an Active Directory domain, all accounts must be based on the domain. Privileged accounts should not be used to create new local accounts or change local account configuration like guest accounts.

What To Do

If you are NOT running as administrator:

  • And everything is working then no action required
  • And you are experiencing problems with software or hardware – contact your IT Support or the ITG Service Desk

If you ARE running as administrator:

  • Ask your IT support to remove your account from the administrators group
  • Work with your IT Support to address any problematic software
  • If an administrator account is needed, contact the ITG Service Desk and based on your role and need a secondary account with administrative privleges can be setup.

FAQs

Why is it so important that I don’t run as an administrator?

Spyware, keystroke-loggers and other malware on the web and email thrive on taking complete control of systems when the user is running with an administrator account.

Infections can take your computer out of commission for hours and even days while it is formatted and reinstalled. If your system housed Category 1 data, you could be required to provide additional information and explanations to the UT Information Security Office.

A standard user account is a key part of minimizing the impact of these threats.

How do I know if I am running as an administrator or a standard user?

An administrator account is any account that is in the administrators group on a computer, the account does not have to have administrator in the name.

A standard user account is an account that is not in any other special groups like administrator. Determining if you are using an administrator privileged account can require going in to more technical areas. An easier way is to do the following:

Windows 7:  Open a file explorer window.  Right click on "Computer" in the left pane and choose "Manage".  If you are asked for a username and password you are using a standard account.

Windows 8 & 10:  Open a file explorer window.  Right click on "This PC" in the left pane and choose "Manage."  If you are asked for a username and password you are using a standard account.

My applications don’t work unless I am an administrator?

There are some older applications that were not written correctly and do not work out of the box unless you are an administrator. If you have one of these applications you should see if there is an update from the vendor. If not, contact your IT support and they can make a few adjustments that should allow almost all of these applications to work.

I have tried this but a special piece of hardware and software won’t work unless I am an administrator!

In this case, you should work with your IT staff to perform a reasonable review of the environment. If there are no reasonable alternatives, the system may be placed in a network that can only access campus resources and not the internet.

Information Security Office

The Information Security Office (ISO) provides additional information regarding security policies, practices and standards.

ITG Service Desk

service.desk@engr.utexas.edu

512-232-2486

ECJ 1.226

301 Dean Keeton

Austin, Texas 78712

Hours: Mon-Fri 8 a.m.-noon; 1-5 p.m.

Enabling Student Accounts

Students need to enable their EIDs to access Engineering labs and 4GB of data storage.

Enable your account