Eric B. Rux of Windows IT Pro published a recent product review recognizing common challenges  IT adminstrators encounter with software deployment, permission policy, time management and supporting end user requirements.

Eric stated “Viewfinity Privilege Management takes the work out of discovering the permissions that each application needs to function correctly. It also gives you the option of letting users install software on their own, while you still maintain control -- all from an easy-to-manage console.”

Rux’s overview and product summary as cited below:

For the most part, the GPO Editor and SaaS editions of Privilege Management function identically. They divide the applications that your users need to run into two groups:

• Applications that are currently installed; these applications are managed with applied policies
• Applications that your users will likely want to use in the future; these applications are managed with a feature named Policy Automation

• Available in local GPO Editor or SaaS edition
• Seamless integration with Windows 7
• SaaS edition shines for mobile workforce

Read more of Rux’s in-depth review… “It also gives you the option of letting users install software on their own, while you still maintain control -- all from an easy-to-manage console.”

Sean Martin, founder of imsmartin consulting, spoke to many individuals at the recent RSA 2012 conference.  Sean mentioned in his recent article titled “Are security basics getting lost under the cover of cloud and mobile?” that there were numerous topics discussed but he noticed three topics being raised more than others: passwords, identities, and privileges.

“Most organizations take steps to remove admin-level access and elevated privileges from standard user accounts. But admin privileges often get granted to additional users over time as a way to allow them to install printer drivers, launch system-level applications, and perform other business-enabling actions on their own without IT help desk involvement,” said Sean Martin.

Viewfinity is seeing that most organizations are victims of “privilege creep” – a situation where privileges are locked down initially and are increased over time. Businesses should follow the basics of managing account privileges on a granular level, controlling access based on need, time, application, location and more.

Viewfinity will be exhibiting in booth 610 at the 2012 Microsoft Management Summit next week! We will be showing live demos of our Privilege Management solution.  We hope to see you there!

To schedule a one-on-one demo at MMS 2012, click here.

FierceGovernmentIT reported that Government Core Baseline (GCB), formerly known as FDCC, violations were found at a large energy company, along with other least privilege violations.  The company responded swiftly and remediation tactics underway, but are they enough to become compliant and reduce exposure to security risks?  They've started with the layered approach with patch management and password controls however our Energy & Utility clients have completely removed administrative privileges and are using Viewfinity Privilege Management to elevate privileges on the application level, closing down the loophole presented when users have administrator accounts. 

"The report also criticizes the power administration for not following the Government Configuration Baseline (formerly known as the Federal Desktop Core Configuration) on only two of its four server operating systems.