April 15, 2016

Posted in:

What is User Access Control in Windows?

uac blog

Have you ever been working on a project and realized that you needed to download a program in order to complete it? When you proactively attempt to install the program yourself, you are greeted by a pop-up that demands escalated security privileges. You probably gritted your teeth in frustration and emailed your IT team for permission while wondering why on earth a tool like that is necessary.

This feature, found on Microsoft Windows servers and workstation versions, is called User Access Control (UAC). The primary purpose of this tool is to inform a user that the program they seek access to requires elevated privileges. UAC works by adjusting the permission level of the user account—either granting you access or denying it. This important security feature can be initiated by the user, a virus or an application (usually when you want to download a program). If the necessary permissions are not met (i.e., the pop-up is ignored), then the program or virus shuts down as if nothing ever happened.

In certain situations, UAC also allows for the temporary escalation of privileges to the user account to allow a program to install. Once the task is completed, the user permissions will automatically return to what they were previously.

For the most part, UAC runs by standard (without an administrator’s manual set-up). Default settings prevent a user from making changes to the operating system, its system files or the machine’s registry settings; a user also cannot change anything owned by another user account. In certain versions of Windows, UAC will notify you when changes are made to your computer (just in case you didn’t initiate the changes).

Why is UAC Important?

While some people may be annoyed by the pop-up box asking for permission to run a program with elevated privileges, it is important to understand that the feature is there for your safety and security. Running an account with UAC turned off will not prompt a user that a program requires elevated privileges; therefore, it is transparent to the end user that something happened without their interaction.

When UAC is turned on, it actively prevents the installation of malicious software and spyware. This feature is created to be a good balance between security and usability; if you find it’s hindering your work, reach out to your IT manager to discuss—changing the security settings is an easy task in modern Windows systems.

As a result of its many advantages, Edge strongly recommends that UAC be left in a turned on position. We understand there is a fine line between security and allowing a user to perform their job without interruption, but in this case, the benefits of having UAC active outweigh the benefits of having it inactive; in the end, the potential security risks are not worth it.

If you have any further questions about UAC or other security concerns, feel free to reach out to us! We’re here 24/7/365 for you.

Go back