Join us for a webinar on July 26th featuring Viewfinity and PolicyPak Founder, Jeremy Moskowitz, on Granular Endpoint Protection via Application Control.

In this joint webinar, Viewfinity and Jeremy Moskowitz will demonstrate how to best protect your endpoints with true desktop and application lockdown, and manage the lockdown environment so that user productivity is not impacted.

Sign-up below!

Thursday, July 26, 2012 at 2 pm ET

In a recent Viewfinity survey for which more than 600 IT security professionals responded, a major vulnerability was uncovered: 2/3 of companies don’t know who has local administrator rights.  The infographic below describes the findings:

"Admin rights" can be used by malware to install malicious software on local computers through the administrator account. Further penetration into the IT environment is then accessible through this vulnerability allowing other security threats to enter a corporate network. 

Don’t get caught off-guard - download Viewfinity’s complimentary Local Admin Discovery Tool.  This free tool allows you to discover user accounts and groups that are members of the local “Administrators” built-in user group on computers in your Windows domain.  Once the analysis has been run, IT Administrators can take action by removing the users or suspicious groups from the Administrators group.

A project to remove administrative rights with the minimal amount of disruption to your end users, when done properly, requires extensive analysis to determine user needs and prepare the environment.  As organizations work to heighten IT security by moving to least privileges, Viewfinity provides a non-disruptive, automated method for moving to least privileges via an end-to-end best practice approach that helps enterprises prepare the environment before privileges are revoked.  

Preliminary Preparation:  Pre-Discover Applications Requiring Elevated Permissions

Our Application Admin Rights Analysis silently gathers information and monitors which applications, processes, and administrative actions will require administrative permission before users are removed from the local admin group. This information is based on end user activity and is collected over a period of time to ensure all events are captured. Once the collection and analysis is completed, policies to elevate privileges can be automatically created and prepared in advance so that when administrative rights are removed, the policies are in place to ensure a non-disruptive move to least privileges.As part of this process, Viewfinity has a Local Admin Rights Usage Statistic dashboard.  This is a graphical “readiness indicator” of where an organization stands in terms of determining the optimal point in which they are prepared to remove administrator rights.   

Here is an example of a completed Application Admin Rights Analysis presented in the Local Admin Rights Usage Statistic dashboard graph:

This report shows the following:

·         Events marked in Green represent events which have been identified from user activities on previous days.

·         Events marked in Red represent newly discovered events that require Admin rights.

·         Readiness indicator:  when the discovery bar is mostly green, the system has collected the majority of events requiring administrative permissions. This indicates you are ready to use the Viewfinity Policy Automation Approval feature and automatically build policies based on the events discovered.

Read more about our end-to-end process here: http://www.viewfinity.com/Whats-New/Default.aspx

Viewfinity recommendations and action items based upon the above:

Question #1:

If you’re among the IT Administrators who are looking to change this dynamic, we have a free tool that allows you to discover user accounts and groups that are members of the local “Administrators” built-in user group on computers in your Windows domain and take action, if needed, by removing the users or suspicious groups from the Administrators group.

Question #2:

For all who answered NO, you may want to consider reviewing our recorded webcast of a live demo session that demonstrates Viewfinity’s end-to-end approach that automates the analysis that silently discovers applications requiring administrative rights, prepare your environment and create policies to control User Permissions/Privilege Escalation for users who are running applications or desktop functions that require elevated privileges.

View webcast recording:  Getting Started: Removing Administrator Rights & Setting up Policies to Elevate Privileges for Standard Users