SOX News

New Free Product from BeyondTrust Provides Enterprises with Fastest Path to Eliminating Administrative Rights

(March 18, 2008)-- Enterprises will be able to easily determine which applications their employees run that require users to have administrative rights. Allowing employees to operate computers with elevated privileges makes companies more susceptible to malicious users and viruses, and prevents compliance with regulatory mandates, such as the Federal Desktop Core Configuration, Sarbanes-Oxley and HIPAA. BeyondTrust today announced the free Application Rights Auditor, the only product to automatically identify and report the Windows applications that require users to have administrative rights.

BeyondTrust Application Rights Auditor makes it easy for companies to identify the Windows applications that require users to have administrative rights in order to run. Once those applications are identified, enterprises can develop informed plans to remove users’ administrative rights without any application downtime, creating a more secure and compliant environment, and lowering the cost of administering Windows computers. Until now, the only way to determine which applications required users to have administrative rights was to take the rights away from every user and see which applications broke, or to examine every installed application one at a time.

“Enterprises are quickly waking up to the danger of elevated privileges and the need to remove administrator rights but until now it has been prohibitively time-consuming to identify which applications would break if those rights were removed,” said BeyondTrust CEO John Moyer. “BeyondTrust Application Rights Auditor automatically identifies which applications require users to have elevated privileges so enterprises can quickly know the actions they need to take to protect themselves and keep employees doing their jobs.”

Allowing employees to operate with more rights than they need for their jobs is a security risk because it makes it easier for malicious software to install and increases the damage that malware can do once installed. Administrative rights also allow users to circumvent security policies, install unauthorized applications and make unauthorized modifications to a standard desktop configuration. The issue of administrative rights has recently emerged front and center on the security landscape. The U.S. government set a deadline last month requiring that administrative rights be removed from Windows desktops at all government agencies as part of the Federal Desktop Core Configuration (FDCC) mandate.

“Removing administrative rights and running a least privilege environment requires insight into what is happening at the application layer and what privileges an application requires to run smoothly. With Application Rights Auditor, there is no guess work on what privileges are required since it profiles each application and seamlessly identifies the required permissions,” said Mark Spaak, System Administrator at Lake Michigan Financial Corporation, the holding company for The Bank of Holland & The Bank of Northern Michigan. “Once the permissions have been identified, we can rapidly update the organization with BeyondTrust’s Privilege Manager. Application Rights Auditor is a solid complimentary tool to Privilege Manager that makes BeyondTrust Lake Michigan Financial Corporation’s least privilege solution.” BeyondTrust Privilege Manager allows end-users to run all required applications without administrative privileges.

Application Rights Auditor consists of a Microsoft Management Console (MMC) snap-in and a desktop component. The desktop component is installed on multiple computers to transparently examine applications during execution and to send encrypted log files to a secure server. All application executions are automatically monitored. Centralized reports are configured and viewed within the MMC. The reports enable companies considering IT projects to remove administrative rights and to make better decisions about those projects. Knowing which applications require users to have administrative rights will allow companies to make preparations for users to continue to do their jobs and eliminate application downtime when these rights are removed. Application Rights Auditor reports also increase compliance with Federal Desktop Core Configurations, Sarbanes-Oxley, the PCI Security Standard and other regulations by providing a clear report of which applications require elevated permissions.

Share or bookmarklet this web page at: