Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 1668 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

On Access Scanning

Joetobai

Hi All,

My Query is regarding On Access Scanning, alot of users on our workstations are not local admin. What is best practice for on access scanning group, ie should there be a user in group with local admin privileges.

Thanks

:9603


This thread was automatically locked due to age.
Parents
  • 0

    I see. As you found out a scheduled scan will delete these threats (and cleaning - i.e. deleting - them from the console might also be possible). I guess that on-access for cleanup/deletion uses the rights of the user accessing the file and if they are read-only deletion (or move) will fail. As access to the file is blocked anyway this is not a problem though. On the contrary - giving the users more rights will make it worse as (yet unknown) malware can penetrate deeper when run by a power or administrative user. 

    Christian

    :9619
Reply
  • 0

    I see. As you found out a scheduled scan will delete these threats (and cleaning - i.e. deleting - them from the console might also be possible). I guess that on-access for cleanup/deletion uses the rights of the user accessing the file and if they are read-only deletion (or move) will fail. As access to the file is blocked anyway this is not a problem though. On the contrary - giving the users more rights will make it worse as (yet unknown) malware can penetrate deeper when run by a power or administrative user. 

    Christian

    :9619
Children
No Data
Unfiltered HTML