Slashdot videos: Now with more Slashdot!
We're a small company, developing on Windows using Visual Studio. Since Windows XP, all our developers work in a normal user account; as nearly as possible they use the same environment the most restricted of our users might, so that dumb security-related mistakes get caught fast.
Having said that, they also know the local admin account details for their machine, and are entrusted with installing/uninstalling stuff as necessary.
That differentiation - between the access we allow and what we encourage as day-to-day practice - is an important one. On other OSes you're more likely to be making this differentiation already. If you're using Windows and don't, please consider it. This is a useful resource: http://blogs.msdn.com/aaron_margosis/