Viewfinity Privilege Management earned high marks in an independent product review by Wayne Rash, President and Analyst, of Wayne Rash & Associates. 

 “The single greatest security threat to most enterprises is the lack of control over administrative rights on client computers. By allowing employees administrative rights, you are opening the door to worms, Trojans and a host of other security problems. The security improvements in Windows 7 and third party privilege management solutions make the OS refresh the perfect time to remove rights. However, this issue is so critical that the removal of administrative privileges should be made as soon as possible,” says Wayne Rash, president and principal analyst of Wayne Rash & Associates.”

Here are some highlights of the Viewfinity review:

• “You can also use the Policy feature to block applications, so if a user has a peer to peer movie downloading package already installed, for example, you can prevent it from operating.

• “You can implement Viewfinity on any network using Windows machines, regardless of whether it Active Directory is in place."

• “With Windows 7, users are presented with a message from the User Account Control system when they attempt to invoke a function that requires administrative rights.” “Because Viewfinity is controlling the administrative rights, you can also control the UAC message.” 

 Click the picture to read the entire review:

Join Lieberman Software and Viewfinity for a live demonstration detailing how the two products work together to protect companies from IT security threats. First, Lieberman Software will demonstrate its fully automated password management and privileged account auditing.  Next, Viewfinity will demonstrate how to elevate privileges for standard users or to reduce permissions for privileged users on specific applications and tasks in a least privilege environment.

Wednesday, February 15, 2012 2:00PM EST/11:00AM PST 

Reserve your seat here

Stop by next Friday for Tip #4 

Leonid Shtilman, CEO and Co-founder of Viewfinity, talks with Rake Narang, Editor-in-Chief, of Info Products Security Guide about the Level of IT security protection provided by removing administrative rights as compared to other forms of endpoint protection, such as antivirus.  

Rake Narang: What security threats are most enterprises least prepared to subvert?

Leonid Shtilman: The security threats that most enterprises are not fully prepared to mitigate are advanced security threats, i.e. threats which are not yet covered by antivirus. One of the most popular ways to infiltrate servers is to exploit administrative rights on endpoints and, through that path, get into a position that allows for an attack on the vital part of the enterprise infrastructure. A growing and highly-regarded opinion among IT professionals is that controlling rights on personal computers and servers is a crucial part of any security solution. Adhering to the principle of least privilege is in the best interest of all companies, whether in the commercial sector, healthcare, within government agencies, etc.

Rake Narang: What are some of the most common but critical mistakes still happening in IT security?

Leonid Shtilman: In every organization there exists a somewhat buried but very dangerous keyhole: the presence of local administrator accounts. Local administrator accounts are often times created directly by users and are hidden from the IT manager’s standard tracked list of administrative accounts managed by Active Directory and can be used by malware to install malicious software on local computers through the administrator account.  Further penetration into the IT environment is then accessible through this loophole.  It is essential that IT security and operations managers have a method for mitigating this common but critical IT security risk.

Rake Narang: How would you compare the level of IT security protection that removing administrative rights provides with other forms of endpoint protection, such as antivirus?

Leonid Shtilman: Antivirus will stop known threats, while the principle of least privilege via the removal of administrative privileges can help to combat risks that are presently unknown to antivirus software that can threaten to exploit administration rights.  It’s the same protection principle as anti-virus, just with a different approach.  Companies wouldn’t go without antivirus – so why would they give administrative rights to users when there is a way for properly managing privileges without exposing the company to unnecessary security risks?