What to Expect

Local Administrator Accounts

Local Administrator Accounts allow a user to install software, make system setting changes, and perform other “administrator” actions on their university computer. These accounts provide the highest level of security privileges, but they can be vulnerable to viruses or malware if not managed properly. Since a compromised computer is a danger to the entire network, the following procedures allow approved users the opportunity to have to temporary administrative accounts while also protecting individual computers and the University.

Information Technology recognizes the need for select users across campus to have temporary administrative rights to their individual or department computers. The following guidelines are for administrative rights to Windows-based computer systems.

Higher education is an attractive target for several key reasons:

  • It is a vast repository for research data that can be lucrative to criminal or government-sponsored attacks.
  • It stores personally identifiable information (PII), health, and financial data on thousands of students and employees.
  • It is large, connected networks are ideal launching points for distributed denial-of-service attacks.
  • Campuses typically have lower institutional control of networks and a higher ratio of bring-your-own-device environments.

Responsibility

Individuals that have been granted local administrator rights are responsible for the integrity of each computer. If a computer under the control of the local administrator is compromised with or without the loss of University data, granting additional accounts administrative rights, or unsecure computing, IT reserves the right to notify the users supervisor and limited access to administrative privileges in the future.

Request Local Administrator Rights

  1. The local administrator will not elevate any user's domain account credentials.
  2. Local administrator rights will be evaluated on a faculty or staff member’s primary job responsibilities for a timeframe needed to complete a specific task.
  3. Administrative rights will be granted to:
    • Maintain system integrity
    • Run software that requires administrative rights
    • Modify only needed system settings

User Account Control

As Windows has evolved through the years, the way that Microsoft thinks about User Accounts has as well. As standard access user accounts are now empowered to perform most tasks, most users will not notice any difference to their daily routines.

Should an instance be encountered where user account elevation is required, Windows will display a pop-up similar to the example below. Your TrojanPass credential will not work.

Software Center

Many commonly used applications are available for install from the Software Center application installed on all domain-joined Troy University PCs. This application resides in the Start Menu under the Microsoft System Center folder.