A project to remove administrative rights with the minimal amount of disruption to your end users, when done properly, requires extensive analysis to determine user needs and prepare the environment. As organizations work to heighten IT security by moving to least privileges, Viewfinity provides a non-disruptive, automated method for moving to least privileges via an end-to-end best practice approach that helps enterprises prepare the environment before privileges are revoked.
Preliminary Preparation: Pre-Discover Applications Requiring Elevated Permissions
Our Application Admin Rights Analysis silently gathers information and monitors which applications, processes, and administrative actions will require administrative permission before users are removed from the local admin group. This information is based on end user activity and is collected over a period of time to ensure all events are captured. Once the collection and analysis is completed, policies to elevate privileges can be automatically created and prepared in advance so that when administrative rights are removed, the policies are in place to ensure a non-disruptive move to least privileges.As part of this process, Viewfinity has a Local Admin Rights Usage Statistic dashboard. This is a graphical “readiness indicator” of where an organization stands in terms of determining the optimal point in which they are prepared to remove administrator rights.
Here is an example of a completed Application Admin Rights Analysis presented in the Local Admin Rights Usage Statistic dashboard graph:
This report shows the following:
· Events marked in Green represent events which have been identified from user activities on previous days.
· Events marked in Red represent newly discovered events that require Admin rights.
· Readiness indicator: when the discovery bar is mostly green, the system has collected the majority of events requiring administrative permissions. This indicates you are ready to use the Viewfinity Policy Automation Approval feature and automatically build policies based on the events discovered.
Read more about our end-to-end process here: http://www.viewfinity.com/Whats-New/Default.aspx