Administrator protection on Windows 11

Numerous customers often need to grant administrator privileges to end users. However, this comes with risks, as improper use can compromise a Windows 11 device's security. It's crucial for organizations to manage and monitor these rights to maintain security.

Beginning with the Windows 11 Insider Preview Build 27717, Microsoft is releasing a new and robust security feature called Administrator protection. 

The feature will be integrated with Windows Hello to facilitate straightforward and secure authorization. Administrator protection uses a hidden, system-generated and profile-separated user account to establish an isolated admin token system.

Upon completion of a task requiring administrative privileges, the admin token is promptly discarded and subsequently regenerated for any new task requiring such privileges. This mechanism ensures that administrative privileges are not retained unnecessarily. The entire process is reiterated each time a user initiates a task that demands administrative privileges.

Utilizing Administrator protection and requiring explicit authorization for each administrative task, Administrator protection protects Windows from accidental modifications by users and changes by malware. It ensures that users are cognizant of potentially harmful actions prior to their execution.

For more information or assistance, please contact our team of experts at service@helient.com