This definitely increases risks to the executive users! They are the ones who should really be more concerned most about security of the data and integrity of their systems. Paint the picture that malware is often restricted by the user’s authorization level, so by users using least user authority, then the malware is not capable of deeply infecting a system. Malware which affects systems where users have full authority to their systems can gain access to system areas and data that would be restricted to normal users. If these executives for some reason absolutely MUST have this type of access. Create two accounts, one for regular user authority and the other with elevated authorization. Caution them that the elevated authority account should ONLY be used when actions cannot be performed using the regular user account. Many companies do this configuration and are very successful with reducing the threats due to malware taking advantage of elevated user rights.