Closely related would be “Deploy new untested hardware in a production system”. An incident involving a new hard drive comes to mind here.

Always, always perform a full sector-by-sector write/compare test of new hard drives before placing them in service.

The same level of testing should really apply to any new piece of hardware.

Only the newbie administrators fall for this type of mentality. Honestly speaking, I’ve been there and done some sort of happy-go-lucky decisions as an admin. But I’ve learned my lesson well. I was suspended from my work for a month – without pay.

Trust is not only the issue here. You should also impart respect and right of privacy to your fellow workers. Abusing your privileges as an IT admin or tech manager can damage both your career and reputation. So beware.

Surfing the internet while logged on as an admin leaves you wide open for all sorts of potential risks that you might encounter out there. Sure, you’re smart enough to not go to any sites that would hit you with malware as the admin, but what about breached and/or hacked sites, driveby downloads, etc.? There have been plenty of well-known and reputable websites that have been hijacked to do “bad things” to the computers of anyone who visits – if you’ve got admin rights, one of those sites can do considerably more damage to your PC than if you’re “just another user”. If you’ve got *domain admin* rights, well… you may as well hand over the keys to your office and ask them to be gentle.

Not saying that anything bad will definitely happen – there’s a good chance that it won’t. But is that a chance you’re willing to take? It’s a lot easier to clean up and/or reimage a desktop than rebuild your whole network because it got a brand-new piece of malware that none of your AV detects yet. It’s also a lot better career-wise to tell the higher-ups that “a new virus infected Bob’s PC, but I took care of it” than it is to say “our network is down because *I* clicked a link on (insert reputable search engine here), got sent to a hijacked website that installed some malware, it spread faster than I could contain it, I don’t know what -if any- confidential data has been leaked or stolen, and have no idea how long it’s going to take me to get everything back up and running.”

“Best Practices” are just really, really, really, really good suggestions – ultimately, it’s our decision as IT to weigh risks versus benefits – both for the firms we support and for our careers overall – they’re often more closely related than we might think.

If you’re logged on as a regular user, chances are, you’ll not know what’s happening to your computer. And if something happens (such as complete break down and software crashes due to malware attack), you can’t do anything to correct it.

For instance, some anti-malware, anti-virus, and anti-phishing programs require Windows-based operating system’s firewalls to be temporarily disabled. Also, some fixtools can’t perform their job well if firewalls are enabled.

But these are on a case-to-case basis. You don’t have to bypass your firewalls everytime you run repair-based apps.