Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2431
Views
5
Helpful
1
Replies

Would you consider AMP endpoint protection negates the need to remove Administrator access

Go to solution
ccwdeakineduau
Level 1
Level 1

‎02-21-2018 09:57 PM - edited ‎03-08-2019 05:46 PM

We are rolling out AMP for endpoints, and a lively internal discussion is whether we shoudl rely on AMP's malware protection so that we can provide our end-users with Administrator access. I'd be interested in people's thoughts.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-24-2018 07:32 AM

I wouldn't do it. A good security strategy uses defense in depth and multiple layers of protection.

 

If the end user has Administrator access then they also have the ability to stop the AMP for Endpoints service.

 

Also, not giving Administrator access to end users helps control what apps of all kind get installed - not just malware.

View solution in original post

1 Reply 1

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-24-2018 07:32 AM

I wouldn't do it. A good security strategy uses defense in depth and multiple layers of protection.

 

If the end user has Administrator access then they also have the ability to stop the AMP for Endpoints service.

 

Also, not giving Administrator access to end users helps control what apps of all kind get installed - not just malware.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents