A Privileged User is a user of a computer who is authorized to bypass normal access control mechanisms, usually to be able to perform system management functions. Cybersecurity governance policies should clearly state limits on use of privileged accounts while also spelling out how you accomplish the separation of duties.
A privileged user is essentially a user that has acquired root access to a UNIX system, or administrator rights to a Windows system. These represent the highest level of permission given to a computer user. A user with administrative rights allows them to access anything within the system or network they are given administrative rights to. A user with these rights is given essentially “unrestricted access” to the entire system.
Related Terms: Administrator Rights, Least-Privilege, Need to Know, Separation of Duties
Related Readings: Enforcing PCI DSS Compliance Requirements & OS Isolation, Privileged Access: Yet Another Security Problem
What does this mean for an SMB?
SMBs can protect themselves from Ransomware threats and most other viruses and malware by following the principle of Least Privilege. If you remove admin rights from employees, they are prevented from installing software on their computers including both legitimate software, but also malware such as ransomware.
Removing these rights from employees is helpful from a cybersecurity perspective but may not always be possible if you have a sophisticated and technically savvy work-force. In these cases, you can still provide those employees the privileged user credentials, but require that they not run their work life using such privileged accounts. Instead, they should work in an unprivileged account most of the time.