Learn more

Sage Estimating (SQL) Applications Compliance

UAC Compliance—Definition

User Account Control (UAC)—Definition

Virtualization—Definition

Elevating Permissions

Understanding Windows Security

In Windows operating systems, Windows security is based on the User Account Control (UAC) scheme. The goal of this security scheme is to provide users with only the required level of permissions to perform daily tasks, thereby limiting system exposure in the event of a malicious attack.

For example, UAC divides users into two groups: standard users and administrators. By default, all users are assigned standard user-level permissions. Rather than provide standard users with full system control, Windows gives standard users the ability to access only the folders to which they have read/write permissions. Administrators must assign read/write permissions for each folder a standard user is expected to read or write to. Administrators must also approve any programs a standard user attempts to install.

Administrators are limited to the standard user-level permissions. However, administrators have the ability to elevate their own permissions as required to perform tasks such as assigning permissions, installing software, or making system modifications.

To further protect the system, Windows has the ability to isolate your data should you attempt to read or write to a file without having read/write permissions to that file/folder. Windows virtualizes the compromised file, making a copy of it and associating it with your user profile. Any file modifications you make are limited strictly to the copied file, leaving the original file unchanged.