I've blogged and podcasted before about this excellent three-part Essentials Series on Eliminating Administrator Rights. (I can call it "excellent"... I wrote it!)

Sponsored by BeyondTrust, this series talks about the problems virtually all IT organizations face with being forced to hand out admin rights to people who shouldn't really have them. The problem with the Windows OS is that its internal controls for application security don't mesh well with the privilege needs of poorly-written applications.

Making the problem even worse, there are no good native tools for elevating just a single application to fulfill its needs. The only way to elevate an application is by logging in as Administrator or by using tools like "runas" to do the same. Both of these solutions require actually giving an administrator password to a standard user, a password that they really shouldn't have.

The essentials series, which you can download here, discusses the problem of least privilege and illuminates some key needs that smart environments will want to employ to solve the problem.

In looking at this first essential series, I found another along many of the same lines. This second essentials series, titled Essentials Series: Managing Access to Privileged Accounts digs into another aspect of the problem. Here, Ed Tittel discusses account access management and privileged password management as well as session controls. In addition to the singular problem of the spread of admnistrator rights, the proper management of accounts and their passwords is similarly critical. Whether you have the pain of fulfilling regularly compliance controls or just want a more secure environment, check out this alternate essentials series for the low down on solutions that may work for you. Click here to download this free series.