Not Too Hot, Not Too Cold, But Just Right

by Mary Rose 17. December 2010 11:49

In the children’s fairy tale Goldilocks and the 3 bears, Goldilocks picks the porridge that is not too hot and not too cold, but the one that is just right. Goldilocks also found a chair that was too big, one that was too small, and then one that was “just right”.  In a similar way, organizations should looks to find the “just right” level of lockdown on desktops.  

 

When end users have full administrative rights on the endpoints, the desktop is much more vulnerable to malware. Systems where the logged on user has administrator rights are much more acceptable to zero day attacks because a large amount of malware that exploits vulnerabilities in applications can only works when the user has local administrative rights. Users that have administrative rights on they systems are also much more likely to install unauthorized software or make configuration changes that lead to system instability. Business sensitive information is much more vulnerable when accessed on these systems. In effect the system is “too hot”. 

 

When there is no way for the user to perform some approved tasks such as defragmenting the disk, installing an approved set of applications, or installing an approved activeX control, the user's productivity is impacted. Users have to request intervention for even mundane maintenance tasks and this can lead not only to increased support calls but also end user frustration. In this case the system is “too cold”.

 

An effective privilege management solution can help balance security and data protection concerns with end user productivity and personalization for a “just right” solution.   Privilege management is designed to enable organizations to control the rights of specific processes and specific user actions. For example an organization can set a policy that any activeX control that is signed by Adobe may be installed without the user having to be a local administrator. Organizations may want their users to be able to perform tasks such as installing approved software that is stored on well controlled servers.

 
In a study published February of 2010, Gartner highlighted the relationship between PC lockdown and support costs.  

Organizations minimize their support costs as they implement a more locked down environment.  Privilege management from Viewfinity enables customers to move towards a more secure and productive endpoint.  It provides the "just right" solution to be able to successfully lock down the desktop.

Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Tags:

Privilege Management | Security | Viewfinity

E-mail | Kick it! | DZone it! | del.icio.us
Permalink | Comments (0) | Post RSSRSS comment feed

Windows 7 refresh is opportune time to revisit desktop control policies

by Mary Rose 8. December 2010 08:54
Connect with Viewfinity featuring Gartner Research on recent trends related to how organizations are looking at the Windows 7 desktop refresh as an opportune time to revisit desktop control policies and increase desktop lockdown.

Perspective:
With the Windows XP sunset date fast approaching, plans for Windows 7 migrations are in full swing. This has prompted most organizations to re-assess their approach to PC lockdown. Our survey indicates a 456% jump in demand to implement privilege management software for companies planning to migrate to Windows 7 in the first half of 2011. The data further shows that 63% of survey respondents deem it critical to manage administrative privileges for end users to ensure security and reduce vulnerability.

A smart approach. A privilege management system balances the rigidity of locking down end points with the needs of user customization. It provides security and operations professionals with a method for securing the end-point by elevating privileges at the application level, or for desktop functions, rather than providing total administrative privileges. Systems are less at risk without sacrificing user productivity or increasing support call volume, thereby offering a cost effective approach to providing secure and productive desktop computing environments.

Access the newsletter and resources here.

Currently rated 1.5 by 34 people

  • Currently 1.499999/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Tags: , , , ,

Compliance | Desktop Management | Laptop Management | Privilege Management | Security | Windows 7

E-mail | Kick it! | DZone it! | del.icio.us
Permalink | Comments (0) | Post RSSRSS comment feed

Powered by BlogEngine.NET 1.4.5.0
Theme by Mads Kristensen

Calendar

<<  May 2013  >>
MoTuWeThFrSaSu
293012345
6789101112
13141516171819
20212223242526
272829303112
3456789

View posts in large calendar

About Viewfinity

Viewfinity provides privilege management and application control for desktops, laptops and servers, empowering enterprises to meet compliance mandates, reduce security risks, and lower IT costs. The Viewfinity solution allows enterprises to control end user and privileged user rights for applications and systems which require elevated permissions. Viewfinity's granular-level control enables companies to establish and enforce consistent policies for least privilege Windows-based environments based on segregation of duties. For more information, visit www.viewfinity.com.

Follow us on Twitter: viewfinity
Find us on LinkedIn: www.linkedin.com/companies/viewfinity
Become a fan on Facebook: www.viewfinity.com/facebook