We can stop the CEO in theory, but too many of them take the attitude that “it’s my company, I’ll have all the power I want!” You know this as well as I do. I’d love it if the majority of C-level execs would let IT and Security do their job, but the reality in too many businesses is that their ego makes them want to be the administrator on their machine.

I wouldn’t know that subpoenas are never sent via email and I wouldn’t be surprised to find out many CEO’s are equally ignorant. This is an appeal to emotions, specifically fear, and we all let fear overcome common sense from time to time. My natural paranoia probably would have stopped me before I clicked on anything, but not necessarily.

Martin

I’d just like to state that we absolutely can stop them from installing software. If we set their account to that of a limited user, they’ll be prevented from installing software, and most importantly ActiveX controls. This means that if AV works or not, it still can’t be installed. If AV works, that’s just an added bonus.

If they want software installed, it should be done through the proper channels; the same ones everyone else in the company follows. Besides, they have more important things to do than figure out how to get some piece of software up and running. Shouldn’t they be focused on the business while someone from the helpdesk figures the software out?

If your CEO has admin rights this event is a perfect reason to justify taking them away.

Certainly, Martin - you couldn’t fall for this one!

that probably sounds paranoid (though it’s been said that a certain level of paranoia is healthy), but even if it turned out to not be intentionally malicious who wants crud from some one-time-use application cluttering up their main pc?