Are you a systems administrator for your organization? Do you have an administrative account that is a member of a privileged group such as Domain Admins or Enterprise Admins? Do you use that account on the same machine on which you check your email, or browse the internet?
If you answered yes to all of these questions, you have a problem. Well, I guess to more accurately describe this situation, your organization has a problem. This purpose of this article is to illustrate how an Administrator Workstation can be secured to limit the possibility of compromise.
Productivity Workstation: Workstation used by a user to check email, access the internet, view and edit documents. This workstation is less trusted since it has a larger attack surface and is extremely susceptible to compromise.