Do the terms “hacker” or “cyber attack” catch your attention?  They should and if they don’t then you should definitely read “Experts to business owners: Beware of hackers” by Charles McChesney of The Post-Standard. While there are endless attempts from cyber criminals to compromise your network, there are ways to significantly mitigate these attempts. 

A fundamental approach and best practice is implementing and enforcing the “principle of least privilege” at your company.  Employees will be limited to only parts of the network and to applications they need to perform their daily work functions.  This means employees cannot install suspicious software or manipulate system settings.  This reduces the risks of viruses entering your network such as “crimeware” that captures keystrokes similar to what happened to the Central New York Business owner in the article. 

Be proactive, remove administrator rights from your end users and manage the permissions standard users require through automated policies. 

Patch Tuesday fixes address critical flaws in Windows, IE,” and other fixes are included in the Microsoft security bulletins released on Tuesday October 11, 2011.

As stated in the article, Microsoft released 8 total bulletins addressing a total of 23 vulnerabilities and all versions of Internet Explorer are affected along with other Microsoft operating systems.  As Microsoft releases their monthly “Patch Tuesday” updates, it is important for you to consider how many of these vulnerabilities can be mitigated when users are not running with administrator rights.

Dwain Kinghorn, of SageCreek Partners, wrote the whitepaper titled, “Viewfinity Privilege Management Mitigates Microsoft Patch Vulnerabilities” and in this whitepaper, Dwain explains exactly how a privilege management solution can help to mitigate the risks involved with Microsoft Patch Updates.  Many attacks involving malware are designed to exploit the Microsoft vulnerabilities and are usually successful if users are running with administrator rights.  “When the locally logged on user does not have administrative rights, the programs and processes that the user runs do not have the rights to be susceptible to many of the vulnerabilities that are referenced in the monthly Microsoft security bulletins,” said Dwain. Simply stated, when users are running without administrator rights, the desktops are less susceptible to malware and in a locked down environment, a privilege management solution like Viewfinity’s elevates privileges for standard users via policies so that user productivity is not sacrificed and security is enhanced with an additional layer of defense.

Download a copy of the whitepaper and learn more about how Viewfinity Privilege Management helps to mitigate the Microsoft patch vulnerabilities.

“If you're not careful, hackers could cost you the money you were trying to save in the first place.” – Dal Gemmell of entrepreneur.com

In an entrepreneur.com article titled “How to Protect Remote Employees' PCs from Security Threats”, Dal Gemmell addresses the issues that exist when employees work remotely. 

The first issue being: Less protection equals more vulnerability.   

Less protection equals more vulnerability- not only is this true but it is the one of the main reasons many organizations experience a security breach.  Security threats have become increasingly  sophisticated.  More and more employees are working remotely so the need to secure its mobile workforce should be on the top of every company’s IT security priority list.  There are plenty of solutions that can help to protect employees working remotely but one solution that tops the list to securing mobile endpoints is moving to a least privileges environment.  In a least privilege environment, administrator rights are removed from end users and IT administrators manage user permissions through policies that elevate privileges at the application level.  

Viewfinity understands the nuances associated with managing your mobile and remote endpoints, which is why Viewfinity’s privilege management solution is specifically architected to support mobile workers. Here are two case studies that demonstrate how companies are using Viewfinity Privilege Management for application control for remote workers: 

Kilgore College came to Viewfinity for a solution that would help to solve their problems with virus attacks and malware partly due to the fact that most of its staff and faculty have administrator rights. The IT team supports approximately 1100 desktops and 200 laptops with a user base spread out over the main campus in Kilgore and its second campus in Longview Texas. Kilgore College had a dilemma on how to support faculty on and off campus, especially during the summer months when classes are not in session, but faculty is still working.  Kilgor College implemented Viewfinity’s Privilege Management solution and Luke Saintignan, System Administrator for Kilgore College was pleases to say “Viewfinity was the only product that did exactly what I wanted -- I had problems getting the other two products that I evaluated to do what I needed. The fact that Viewfinity works in tandem with Active Directory but not directly reliant on it, was huge to me. If Active Directory goes down, I still have least privilege and policies that actively manage my machines.”   Read the Kilgore College Case Study. 

EagleMed, LLC is a Commission on Accreditation of Medical Transport Services (CAMTS) accredited critical care transport service needed a solution to solving the time consuming, difficult problem they were experiencing when providing hands-on support to the remote bases in order to resolve security issues due to malware and viruses, keeping the machines patched to a consistent level (the individual bases determined which updates they would and would not apply) and deploying software.  With the implementation of Viewfinity’s Privilege Management solution, EagleMed’s IT Team is able to more efficiently support the vast remote user base without traveling the location and response times are faster and when a request comes in for software upgrades, users do not have to wait to get a copy in the mail or for IT to drive it out to base.  In most cases, end user requests are resolved the same day, usually within 15-30 minutes.   “Viewfinity was instrumental in helping us solve our challenges related to managing off-domain machines. Since Viewfinity works in tandem with Active Directory but does not require laptops or desktops to be part of the Active Directory domain or to be directly connected to the corporate network, we are now able to easily and quickly resolve issues on any off-network device,” Ryan Kane, Systems Engineer for EagleMed.  Read the EagleMed Case Study.

See how easy it is to secure your mobile workforce in a least privilege environment by managing policies and elevating privileges at the application level on the fly with a free evaluation of our product.  

It’s that time again- Microsoft releasing patch updates or better known as Patch Tuesday or maybe even Black Tuesday. 

Microsoft released 2 Security bulletins today for May’s patch updates, compared to 17 security bulletins in April.  Nonetheless, vulnerabilities that are caused by regular Windows, Internet Explorer, and Microsoft Office patch updates can expose a desktop to harmful malware and other IT threats. These threats can cause major headaches for IT administrator but these headaches can be reduced when a user does not have admin rights on the desktop.  Viewfinity research shows that these vulnerabilities are mitigated when users are running without admin rights but it doesn’t stop here.  Companies must bridge the gap between desktop lockdown and end user productivity and this is why many companies are using Viewfinity’s Privilege Management solution.  This is the only reliable and well sought after solution that balances the rigidity of locking down end points with the needs of user customization. It provides IT security professionals with a method for securing the end-point by elevating privileges for an application or process, or for desktop functions, rather than providing total administrative privileges. Systems are less at risk without sacrificing user productivity or increasing support call volume. 

You can read the full analysis here. 

Take the first step in mitigating the risk of Black Tuesday’s vulnerabilities by detecting which users have admin rights on the Windows domain with Viewfinity’s complimentary Local Admin Discovery Tool.  This tool will allow IT admins to discover and remove users with admin rights that should not have them. 

After removing the admin rights, see how easy it is to bridge the gap between desktop lockdown and managing policies and elevating privileges on the fly with a free evaluation of our product.

During Microsoft Patch Tuesdays, there are numerous vulnerabilities involved as outlined in the security bulletin that Microsoft issues during the patch releases.  Firewalls, web filters, anti-spam, NAC, and anti-virus solutions do help to protect against IT security threats and the more layers of security protection a company adds, the more they reduce the risk of a costly and embarrassing IT security breach.  Another very effective method for mitigating vulnerabilities is for companies to remove administrator rights from users.   

“A locked down endpoint is less susceptible to malware that exploits the vulnerabilities that are highlighted every month on Patch Tuesday,” said Dwain Kinghorn, Partner at SageCreek Partners and author of the white paper. 

A review of all the software updates that Microsoft released in 2010 demonstrates that month after month there are vulnerabilities in Windows, Internet Explorer, and Microsoft Office that are mitigated when the user is not running with administrator privileges, specifically:  

• 9 months in which there was at least one update for Microsoft Windows that addressed issues that were less significant when users didn’t have administrative rights
• 7 months in which there was at least one update for Internet Explorer that addressed issues that were less significant when users didn’t have administrative rights
• 11 months in which there were updates for Microsoft Office that addressed issues that were less impacted when users didn’t have administrative rights

Click here to download the full analysis. 

Viewfinity’s Privilege Management balances the rigidity of locking down end points with the needs of user customization. It provides IT security professionals with a method for further securing the end-point by elevating privileges at the application level, or for desktop functions, rather than providing total administrative privileges. Systems are less at risk without sacrificing user productivity or increasing support call volume.

Do you know who has administrator rights on your Windows domain?  If you aren’t sure then download our Local Admin Discovery tool to find out. This tool is provided at no cost to your organization. After the analysis is run, IT Administrators can take action, if needed, by removing the users or suspicious groups from the Administrators group.

-New OS Image Deployment, Patch Management, Privilege Management and Interactive Dashboard Features Continue Viewfinity’s Commitment to Customers-

Waltham, MA – June 14, 2010 – Viewfinity (www.viewfinity.com), the innovator of privilege and systems management, today released version 3.0 of its solution suite. Nearly 3 months after its debut launch into the market, Viewfinity continues to make good on its commitment to customer-led product development and to build products that are critically needed in the market.

See the new features and updates in a live webcast demonstration, June 16th at 11:45 am ET

Register here to attend: http://www.viewfinity.com/Resources/LiveDemo.aspx?reg=sm

Additional Viewfinity features / functionality include:

· Privilege Management: administrators can create policies that will execute scripts without needing to assign local administrator rights to the end user; identify applications that require administrator rights, and permit or block the use of child processes

· OS Deployment: creates an exact disk image of the laptop/desktop including the operating system, configuration files and all applications and deploys the image to multiple systems simultaneously, making it ideal for rapid bare-metal installations (OS deployment via Acronis Snap Deploy)

· Patch Management: fully manages the distribution of updates released through Microsoft Update to computers in your network as well as mobile computers not connected to the internal network

· Viewfinity Dashboard: provides a quick view into the operations and status of the company assets through live monitoring of select desktops and servers to identify problematic areas

· Windows 7 OS Deployment with Viewfinity User Migration: a valuable add-on to the Acronis image deployment software for domain based migration of user personal settings, application settings and user data files to prepare for and perform the migration from Windows XP or Vista to Windows 7.

Viewfinity also complements traditional systems management, such as SCCM, by offering new flexibility to manage administrator rights for locked down computers.

Viewfinity Systems Management solution can be delivered from a web-hosted platform or installed on premises. All desktop management is done through a secure and encrypted HTTPS connection which provides the ideal method for managing PCs for remote and mobile workers. Its web-hosted platform is also ideal for proof-of-concept evaluations because it eliminates the need to build a complex server environment to evaluate or deploy the software.

Online registration is available for trial evaluations here: http://www.viewfinity.com/SaasStart.aspx

Tags: Viewfinity, Desktop Management, Systems Management, Patch Management, OS Deployment, Software Deployment, Privilege Management, SaaS, Windows 7 Migration

About Viewfinity

Viewfinity is the innovator of systems and privilege management via cloud-computing, allowing IT professionals to focus on managing systems and not the platform's infrastructure. With the cloud model, IT can be up and running quickly to provide management, support and control for desktops, servers and laptops. This makes it extremely cost effective and easy for IT to support local as well as mobile workers.

Viewfinity uses virtualization technology as the foundation to simplify and automate deployment and management of applications, licenses and assets. Viewfinity also complements traditional systems management by offering compliance adherence to flexibly manage privileges for locked down computers. Viewfinity's cloud approach delivers immediate and long-term value, scales with business need, and eliminates the equipment, training, and substantially higher costs of on-premise implementations. Based in Waltham, MA, information on Viewfinity systems management solutions can be found at www.viewfinity.com.