In the mailbag this morning was this eweek article on how Vista’s User Account Control (UAC) Will Reform Developers, where a Gartner analyst says that developers should ship software apps that (in some cases) don’t require administrator rights. Speaking at Gartner’s IT Security Summit this week, analyst Neil MacDonald said UAC “has plenty of people confused regarding what, exactly, it is.”
In case you missed it, here’s a technet article on UAC that explains how “Windows Vista makes it possible for organizations to deploy a more manageable and secure desktop in which administrators can run as standard users (formerly users) and still perform administrative tasks.”
Although gizmodo noted that UAC was “pretty much the most annoying OS feature I’ve ever dealt with” it does have benefits. As Peter Watson notes (Microsoft Australia’s chief security advisor)…
“There has been a lot of misunderstanding in the market around User Account Control (UAC). If you look at it from an architectural direction User Account Control is a great idea and strategically a direction that all operating systems and all technologies should be heading down.”
Of interest: this article on how to make User Account Control (UAC) less annoying.
“[Gartner’s] MacDonald had additional advice on deploying UAC:
- Use the migration to Windows Vista as a catalyst to have more users run as “standard user.” This may not be appropriate for all users, but can be for many.
- For administrators, require approval when an administrative task is attempted.
- When critical vulnerabilities are announced by Microsoft, see if the malicious code is restricted to running in the context of the user.
- Note that if the organization’s goal is to “lock down” the computing environment, UAC won’t be enough, and third-party tools will be required.”
Of interest…
- User Account Control overview – With User Account Control in the new Windows Vista operating system, you can reduce the risk of exposure by limiting administrator-level access to authorized processes.
- User Account Control team blog – Get the latest news and share comments with the product team.
- TechNet On-Demand Webcast: Moving to a Standard User Enterprise Desktop – What problems are you likely to encounter as you transition from an administrative desktop to a standard user desktop in your enterprise? Understand the issues and resolutions in the Webcast.
- User Account Control team blog – Get the latest news and share comments with the product team.
Tags: Microsoft, User Account Control, UAC, Windows Vista.
One reply on “Annoyed by Vista’s User Account Control? Gartner’s advice on deploying UAC”
I’ve received several mails asking for more info on User Account Control (UAC) since my last blog entry