USE CASE BREAKDOWN: Eradicate Nuisance Help Desk Calls – Movado Group Inc.

by Viewfinity 13. October 2014 16:36

USE CASE BREAKDOWN: Eradicate Nuisance Help Desk Calls – Movado Group Inc.

Movado Group Inc. implemented a corporate initiative to lock down its endpoint environment to improve security.  Once administrator rights had been removed, Movado deployed Viewfinity Privilege Management and use automated policies that resolve the challenges that present due to the removal of  admin rights. In addition to the reduction in time-consuming support related requests that occurred prior to lock down, such as reimaging of malware infected machines, Movado Group Inc. was able to completely eradicate nuisance help desks calls within their environment.

Movado Group Inc. - Use Case Webcast

Movado Group Inc. - Full Case Study

 
   

Fast Facts

Project Scope: Eliminate nuisance calls due to removal of admin rights and improve end user productivity through faster resolution of IT issues.

  • Multiple sales and distribution offices around the world, with over 1300 employees
  • Workforce is comprised of 1100 endpoints 60/40 laptop/desktop
  • 10% of staff are mobile workers and 30% work in retail locations

The Situation Breakdown

Challenge #1: With a locked down environment employees were unable to perform day-to-day tasks like printer installs, application upgrades etc. which were required for their job functions.

Solution: Using Viewfinity, Movado Group Inc., was able to run an audit of their environment for 30 days, identifying applications and processes which required admin privileges.

Result: Within a month of rolling out Viewfinity, Movado Group Inc. realized a complete eradication of nuisance calls. End users were able to be self-reliant, handling day-to-day task such as printer installs and java updates without having to be granted admin rights.

Challenge #2: The Movado Group IT staff spent a great deal of time making desk-side visits to fix small problems, negatively impacting productivity as users waited for tech support to arrive, and taking up valuable time for IT staff.

Solution: Movado Group Inc. was able to establish proactive policies to handle elevation needs automatically. The policies were predefined to fit actual user needs based on the Viewfinity Audit previously run.

Result: Rolling out Viewfinity helped to control unproductive downtime and predict potential problem areas. End users are able to run updates and install necessary applications on their own but the system is streamlined and controlled from the backend. End users maintain the independence and control they require being in regional offices but still receive the security benefits of a locked down environment.

 

USE CASE BREAKDOWN: Increase Security While Decreasing Costs – Process-Based Privilege Management – Apex Companies

by Viewfinity 3. October 2014 16:27

Increase Security While Decreasing Costs – Process-Based Privilege Management

 

Apex Companies uses Viewfinity to increase their IT security and harness the process-based privilege management capabilities to lower desktop management costs for a maximized ROI. Below is a breakdown of their success story as well as a recording to their live use case presentation.

Apex Companies - Use Case Webcast

Apex Companies - Full Case Study

 

 

 

Fast Facts

Project Scope: Remove administrator rights from all employees without impeding user productivity
  • IT staff is very lean, with only three support members responsible for all endpoints spanning 35 geographically disbursed branch offices
  • Apex saves hundreds of thousands of dollars in desktop management costs per year with Viewfinity
  • IT typically performed well over 500 installs on an annual basis, ranging from simple upgrades to full application installs – Viewfinity reversed the previously ineffective and costly method of deploying updates and handling installs

The Situation Breakdown

Challenge #1: Must enforce stringent policies for network and system access

Solution: Move to a fully locked down environment with privilege elevation on the application level, which removes the need for providing individual users or groups access to admin rights.

Result: Viewfinity allows Apex Companies to pre-define policies and granularly manage end-user privileges, thus meeting company compliance requirements.

Challenge #2: Need to ensure all software is installed legally and that all applications have valid licenses

Solution: Application whitelisting to allow control of which processes, applications, versions etc. are allowed to run within the environment.

Result: “Viewfinity’s reporting allows me to quickly ascertain which applications are installed, how many are installed, when they were installed, and on which computers. I use this information to budget as well as to maintain license legality… With Viewfinity I have very accurate, complete information.”

Challenge #3: Need to provide timely support to end users despite lean IT staff and geographically dispersed end users

Solution: Pre-defined policies and application whitelists can enable end users to perform simple tasks (upgrades, installs, settings) without having to contact IT support for help.

Result: Because of Viewfinity’s whitelisting capabilities, users no longer need to contact Apex IT in order to perform routine updates or whitelist installs. Viewfinity allowed Apex to realize a reduction of hundreds of thousands of dollars in desktop management costs per year.

 

  

High Profile Data Breaches Have the IT Security Community on Edge

by Viewfinity 4. September 2014 14:12

Financial institutions (JP Morgan Chase and others), Retail Stores (Home Depot, Target, Niemen Marcus), Restaurants (Dairy Queen, PF Chang), Universities (University of Maryland, Iowa State University, Wisconsin State University), Celebrities… If we’ve learned one thing this year it is that no one is safe, no one is immune to sophisticated hackers, malware, advanced persistent threats and zero-day attacks.

Here are some more examples of breaches that you might not know about, but probably should. Many of these breaches are now being attributed to "Backoff" malware, which the Department of Homeland Security has recently issued an alert to businesses on. 

Despite IT teams working endlessly against these threats, they are still getting through. The harder IT security teams work, the more pervasive hackers and malicious bodies get. It seems like a never ending, extremely vicious cycle, and no single approach to security is enough.  Experts in the analyst community do point to the removal of administrative rights as a fundamental step in IT security:

“Run more of your windows users without administrator rights… the single most important way to improve endpoint security” ~ Neil MacDonald, VP & Gartner Fellow

“If target used some type of application controls (from Bit 9, Kaspersky, McAfee, Viewfinity, etc.)… it may have had a better fighting chance.” ~ Jon Oltsik, Senior Principal Analyst for ESG: The Target breach…

The SANS Institute: “The Critical Controls represent the biggest bang for the buck to protect your organization against real security threats… The five quick wins are:”

 

 

 

A smart move.  Close down security loopholes and vulnerabilities by removing admin rights and controlling what applications can run in your environment. Here is a link to a webinar that Viewfinity recently ran with renowned security expert Marcus Murray: How Hackers Exploit Admin Rights to Access Your Systems. The webinar does a great job outlining the different security risks associated with excess admin rights in your environment. It’s definitely worth a watch.

 

Additionally, at the end of this month we’ll be running a webinar: Best Practices for Removing Admin Rights: A Step-by-Step Approach. Keep an eye out for more information regarding this event. We highly recommend this webinar if you have not removed admin rights, or have removed rights but are looking for a streamlined and automated approach to managing privileges and to cut down on IT overload. We know that your security teams are doing everything they can, but they don’t have to do it alone. For more information on the Viewfinity solutions and how we can help you pave the way to better IT security, visit our website.

 

 

What is Pass-the-Hash

by Viewfinity 31. July 2014 16:28

August 12th at 2pm ET we will be running a webinar with Enterprise Security MVP and Microsoft Security Trusted Advisor, Paula Januszkiewicz: Security Vulnerabilities Associated with Having Local Administrator Rights. This webinar will focus on the risks associated with having excess admin rights and how Viewfinity can mitigate these risks. One of the main focuses of the webinar will center on pass-the-hash scenarios; in preparation for the event we wanted to make sure everyone was well versed on this dangerous risk.

So, what is pass-the-hash? … and no it has nothing to do with twitter, or illegal substances. Pass-the-hash is when hackers exploit excessive admin rights to steal the credentials of an admin. It’s a complicated process, which is discussed fully in our white paper: How Viewfinity Mitigates Pass-the-Hash. While we highly recommend reading this whitepaper, we also wanted to share some key information to help get readers more knowledgeable in the subject… after all you must understand the vulnerability in order to protect against it.

The following information comes from Wikipedia:

WHO: Most pass-the-hash attacks are done via human speed attacks, not through automated malware, using a remove human controller (remote shell).

WHAT: Pass-the-hash is a technique which enables hackers to use your own systems against you, by using administrator rights to steal admin credentials and then use those credentials to gain access to your infrastructure.

WHERE: Pass-the-hash can infiltrate any server or service that accepts LM or NTLM authentication; it can work against any operating system.

WHEN: Once a user name and password hash is obtained a hacker can then use that information to authenticate to a remote server and have access to an entire infrastructure.

HOW: The hacker uses a user password’s underlying NTLM hash to authenticate to a remote server/service.

 

 

Pretty terrifying huh? The good news is there are ways to reduce the attack surface and stop these hackers in their tracks… the bad news is that you will have to wait until next week to find out how.

Stay tuned for a follow up to our pass-the-hash discussion and make sure to sign up for the webinar on the 12th to learn how you can secure against vulnerabilities that are associated with local admin rights.

 

Solutions for every stage: Where are you with your endpoint security project?

by Viewfinity 27. June 2014 16:02

Improving endpoint security is a difficult, but necessary task. The good news is that Viewfinity offers resources to help you during every stage of your project; whether your head is swimming trying to navigate the ever changing security landscape, you are just learning what application control can do for your organization, you’ve removed admin rights and are ready for the next steps, or you are currently employing all of the top security strategies and are looking for an easier way to manage your processes.

Take some time to check out the resources below that match your needs best, or reach out directly to Viewfinity and we can walk you through the process as smoothly as possible.

  • I am not familiar with application control and would like a high-level overview: IT Security’s 50 Shades of Grey
  • I am thinking about removing admin rights: Viewfinity’s Free Local Admin Discovery tool
  • I have removed admin rights but am experiencing IT help desk overload: Case Study – Fortune 500 Energy & Utilities Company
  • I have a homegrown / Native MS system in place but would like to learn about streamlining the process: Sign up for a One-On-One demo with a Viewfinity Engineer
  • I am making a decision soon and want to see your product: Register for a Trial Eval

Viewfinity offers flexible application control and privilege management solutions to meet whatever cyber security needs your company is currently facing. Let us work with you to make this daunting process as seamless as possible.

 

Do you feel safe from insider threats?

by Viewfinity 10. April 2014 14:19

The bad news, astonishingly a recently study published by Ovum revealed that a mere 9% of organizations feel that they are safe from insider threats. The good news, 66% of those surveyed did say that they were looking to invest more spending in IT security, specifically to help combat insider threats. You can read more on the Ovum study here: http://www.infosecurity-magazine.com/view/37826/less-than-10-of-companies-feel-safe-from-insider-threats/

Unfortunately, “insider threats” is a vague term and they are often difficult to mitigate if not handled properly. First, one must understand the different types of insider threats that organizations face each day. The most obvious threats are those internal users who act with malicious intent to either harm the organization or for their own personal gain. Second are the users who accidentally or unknowingly cause harm through lack of knowledge or preparation. Finally, there are the targeted attacks that work from the outside in. These actors target highly privileged users and utilize their credentials as a way to get access to even the most protected parts of a network. These actors are by far the most dangerous, they use advanced evasion techniques (AETs) to execute advanced targeted attacks across multiple network layers. They are difficult to defend against and even more so to detect.

So, how does an organization begin to combat these elusive threats? Obviously the first step is to enable strong perimeter controls, followed by a completely locked down desktop environment. Operating in a least privilege environment helps to prevent threats, which do make their way through the defenses, from gaining access to privileged data and applications.

Additionally, measures such as application whitelisting can help further protect organizations through a default-deny model, ensuring that only trusted applications, files, and executables can run on the endpoints and servers.

Organizations must go one step further though, to employ next-generation monitoring and forensics capabilities. In order to protect against these evasive threats, full and real-time visibility of all activities within a network is paramount. This will help organizations detect and mitigate any breaches early and effectively.

This multi-layered approach is the only way to protect against the sophisticated modern day threats that all organizations are facing today. here is an interesting whitepapter that discusses just that: Layers of Cyber Security - Modern Security Threats. Give it a read and pass it along. It's vital that the community understand the necessity for a next-generation, layered approach to cyber security.

Trouble Ahead for Windows XP Users

by Viewfinity 5. December 2013 10:52

 

 

This week Zach Epstein of BGR wrote an article that we feel is important for anyone still using Windows XP. Epstein describes the outlook which faces current XP users come the April sunset date, including massive security risks, virus and malware onslaughts and critical system flaws which will no longer be fixed.

Read the full article here.

It’s highly recommended that anyone still using Windows XP begin a migration to either Windows 7 or 8 to avoid these serious security issues; however, despite the risks, over 30% of desktops and laptops currently running are still using XP.

Organizations running on XP who are not looking to migrate any time soon need to consider utilizing 3rd party security solutions, which go above and beyond traditional anti-malware software. Organizations need to lock down their endpoint environment and employ tactics like application whitelisting and privilege management in order to try and stave off potentially devastating zero-day attacks and malware.

Windows 7 and 8 users should be implementing these techniques as well. Organizations of all sizes are subject to data breaches and cyber-attacks. A Windows 7 or 8 migration is the perfect time to implement better security practices through endpoint lockdown, application whitelisting and privilege management solutions.

Viewfinity can help ease the pain incurred by Windows 7 and 8 migrations, visit our website to find out how.

 

ILTA’s 2013 Technology Survey

by Viewfinity 22. November 2013 14:02

Peggy Wechsler, Program Director with International Legal Technology Association (ILTA) shared the published results of their annual Technology Survey. The 2013 Technology Survey reports the input of 494 firms, representing more than 88,000 attorneys and 189,000 total users.  This year’s report, while admittedly featuring the legal industry, should at the very least be skimmed by all IT professionals as it highlights some key technology shifts and findings, including:

  • The adoption of Microsoft Office 2010 jumping almost 30% (not surprising)
  • More firms seem to be supporting single platforms than in previous years (a little surprising)
  • A large shift as firms move back toward more desktop use and less laptop use (pretty surprising, perhaps due to more tablet use?)

Overall, the general consensus is that there is a constant struggle for IT professionals in the legal industry to find that perfect balance between user productivity/adoption and having a secure/affordable/compliant/up-to-date network environment. You can read the full ILTA 2013 Technology Survey to find out the results that matter most to you. In the meantime, we wanted to highlight a few key findings that came out of the survey, relating to IT Security.

In relation to a subject that is relevant to our solution, the report included a section on next-generation endpoint security.  The survey found that an overwhelmingly large number of firms are not using any sort of next-generation endpoint security solution. Most firms are simply using traditional anti-virus solutions.

Legal firms in particular handle massive amounts of sensitive/personal client data. A data breach from an advanced persistent threat or a zero-day attack could be devastating to a legal firm financially, as well as destroying any law firm’s greatest asset- its reputation. 

 

 

We think this 89% statistic is an eye-opener and timely.  Just last month Sean Power, CIO at Lathrop & Gage was our featured speaker on a webcast that addressed next-generation endpoint security. His insight was spot-on and it’s worth taking the time to watch the recording. For those looking for some comparison information, we do have this one page chart that explains the similarities and differences between AppLocker and Viewfinity.

 

 

Lawrence Pingree, Gartner Analyst, Mind Map for Information Security Technologies and Markets

by Viewfinity 3. October 2013 12:44

Lawrence Pingree, Gartner Analyst, Mind Map for Information Security Technologies and Markets

http://www.lawrencepingree.com/security/information-security-technologies-and-market-mind-map/

 

Government Shut Down: What it means for cyber security

by Viewfinity 1. October 2013 15:16

A government shutdown is the ideal situation for cyber terrorist. While most employees are sent home and the essential workers are scrambling to keep things running to the best of their ability, it leaves the door wide open for an undetected security breach. And, even if the anti-malware and firewall system that are in place detect these intrusions, no one is going to be in the office to notice or rectify the situations.

This environment harks back on the same dangers that organizations and government agencies face when dealing with natural disasters. Cyber looting is a real threat, which we hope the U.S. government is taking into account. Proper privilege management and application control and help reduce the changes that a hacker can cause damage to an organization’s network.

All organizations should be prepared, whether their shut down is government mandated, disaster induced, or even just a freak occurrence that keeps a network off line or unattended for an extended period of time.

Check out this FULL ARTICLE on Security-Daily (www.security-daily.com) to learn how the Viewfinity solutions can help secure your organization when disaster hits.

Powered by BlogEngine.NET 1.4.5.0
Theme by Mads Kristensen

Calendar

<<  October 2014  >>
MoTuWeThFrSaSu
293012345
6789101112
13141516171819
20212223242526
272829303112
3456789

View posts in large calendar

About Viewfinity

Viewfinity provides privilege management and application control for desktops, laptops and servers, empowering enterprises to meet compliance mandates, reduce security risks, and lower IT costs. The Viewfinity solution allows enterprises to control end user and privileged user rights for applications and systems which require elevated permissions. Viewfinity's granular-level control enables companies to establish and enforce consistent policies for least privilege Windows-based environments based on segregation of duties. For more information, visit www.viewfinity.com.

Follow us on Twitter: viewfinity
Find us on LinkedIn: www.linkedin.com/companies/viewfinity
Become a fan on Facebook: www.viewfinity.com/facebook