Lieberman Software and Viewfinity Present: Privileged Identity Management and Least Privilege Control

Security breaches are driving the need to manage and audit privileged accounts, all the way from the “gate-keeper” via password management control, through to the specific privileges via least privilege management principle.  

When Lieberman Software's Enterprise Random Password Manager™ (ERPM) is used in combination with Viewfinity’s Privilege Management solution, the two proven technologies offer flexible capabilities to  granularly pick and choose the appropriate Privileged Identity Management controls and permission policies based on the platform (desktop, laptop, and server) for which the privileges are being managed.   Joint customers benefit from the most comprehensive solution available for tracking and auditing all privileged and administrative activities and elevated privilege policies across an organization's entire infrastructure, from Windows-based endpoints, to servers, virtual machines, cloud/SaaS, remote based-endpoints and any other system within the organization.  

In this joint webinar, we will provide a live demonstration detailing how the two products work together to protect companies who require fully automated password management and privileged account auditing along with elevation of privileges for applications or to reduce permissions for privileged users on specific applications and tasks in a least privilege environment.

Using Group Policy to Manage Administrator Rights

In every organization there exists a somewhat buried but very dangerous keyhole: the presence of local administrator accounts. Local administrator accounts sometimes created directly by users and hidden from the IT manager's standard tracked list of administrative accounts managed by Active Directory and can be used by malware to install malicious software on local computers through the administrator account. Further penetration into the IT environment is then accessible through this loophole. This webinar presents methods to IT security and operations managers for mitigating this risk. 

During this Live Webcast, Viewfinity will demonstrate its method for leveraging Group Policy to elevate privileges for standard users. We'll show how to block applications and toolbars, allow users to self-elevate privileges on demand, custom configure security messages to end users, setup whitelists, and report, audit and validate all compliance policies.

Using Group Policy to Manage Administrator Rights

There’s a danger buried deep beneath your Windows infrastructure, and its name is Administrator.

A seemingly innocuous group, the Administrator menace can be a source of untold problems, security leaks, inadvertent and malicious break-ins, and all manner of user and group nefariousness. Are all members of administrative group the people who really need those rights?  Did you know that administrative accounts not members of Domain Users create a huge threat?  How they exploit glaring holes in OS security?  Why they’re a vector for widespread malware distribution?

Greg Shield’s will explain the approaches available to IT security and operations managers for mitigating this risk. He will review the Microsoft out-of-the box tools available to restrict user permissions, including managing user permissions through Active Directory and Group Policy and also explain the inherent limitations.

Next, Viewfinity will demonstrate its method for leveraging Group Policy to elevate privileges for standard users. We’ll show how to block applications and toolbars, allow users to self-elevate privileges on demand, custom configure security messages to end users, setup whitelists, and report, audit and validate all compliance policies.

Preventing Insider Attacks: Learning from Other's Mistakes

Cyber attacks by external individuals and organizations against businesses—the recent Zappos.com breach, for example—make headlines regularly. What's not as widely known, however, are insider attacks where individuals inside a company use their elevated privileges or information to steal information or sabotage corporate assets. Why? Insider attacks are often not discovered, or not reported when they are discovered due to the embarrassment of the breach. In this seminar, Windows IT Pro technical director and nine-time Microsoft directory services MVP Sean Deuby will take you through a rogue's gallery of insider attacks, how they occurred, their impact to the company, and how they might have been prevented with proper IT security. Would your company withstand these attacks?
 
Following Sean’s discussion, Alex Shoykhet will explain how Viewfinity’s solution allows enterprises to control end user and privileged user rights for applications and systems which require elevated permissions. He’ll provide a brief demo of the product’s granular-level controls that help companies enforce consistent policies for least privilege Windows-based environments based on segregation of duties.

Boston Tech-Security Conference

The Boston Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security, USB drives security & more.

InfoSec World Conference & Expo 2012

Microsoft Management Summit

Improving Endpoint Security Case Study: Hear how a Customer is Actively Managing Admin Rights in a Least Privilege Environment

In this live webcast session, Brian Grinstead, Support and Systems Management Coordinator for Indian Prairie School District 204 , will share how he removed administrative rights from 7000 desktops and 2500 laptops spread over 35 locations.  Brian will describe how he manages privileges for standard users that are located in remote offices as well as on-site using Viewfinity. Brian was able manage this transition without negatively impacting end user productivity. He'll describe his challenges and how the Viewfinity Solution improved Indian Prairie's endpoint security.

Alex Shoykhet, Vice President of Product Management with Viewfinity will follow up with a demonstration of the Viewfinity product.  He’ll show how IT administrators can manage and assign administrative privilege permissions to specific applications and desktop functions through granular control of administrator rights.

Ten Tips for Moving to a Least Privilege Environment for Endpoint Protection

Widespread endpoint administrator rights are a nightmare for IT and a common factor leading to endpoint security attacks. Users who are “Administrators” on their endpoints typically do not need absolute admin rights to accomplish their daily tasks.  Thus, moving to a least privileges environment is an effective means to mitigate endpoint-based IT security risks. 

Join Viewfinity and Carahsoft as they discuss the top ten tips for removing administrator rights on endpoints without impacting user productivity. Also, a speaker from Douglas County Libraries will share the proactive steps they have taken to secure their computers by operating in a least privileges environment. All users are restricted users with no local admin rights to their machines. Monique Sendze will present how she is using Viewfinity as a method for securing endpoints by elevating privileges at the application level rather than providing total administrative privileges.

Featured Speakers:

• Alex Shoykhet, VP of Product Management at Viewfinity
• Monique Sendze, Associate Director of Information Technology for Douglas County

What Happens When Users Have Admin Rights? Stop the Risks Now!

To more effectively combat security breaches, removing administrative rights from users is a well-accepted strategy.  In fact, for most of you, your IT staff has already done so only to turn around and “temporarily” grant rights to users who end up needing them for a specific usage.  The number of users creeps up and up, until you no longer can keep track of who you gave rights to. So what are top 5 risks this opens your company up to?    

Attend this webinar and learn more about understanding the risks your environment is exposed to, such as:

• Exploiting administrative rights on laptops and desktops, and through that path, get into a position to infiltrate servers
• Keylogging
• Unauthorized management of administrative credentials (such as UAC password access)
• Adding unauthorized users to the admin group
• Installation of unauthorized devices

We’ll teach you how to find local admin user accounts that are not being audited by your IT department, and how to create an audit trail of activities conducted after non-admin users enter the password on the UAC prompt.  At the conclusion of this webcast you’ll be able to get a handle on who has administrator rights and remove the rights without disrupting productivity or increasing calls to your help desk.  Takeaway: you will learn methods allowing you to stop giving users admin rights!

Microsoft & Viewfinity: Windows 7 Migration, An Opportunity to Lockdown PCs & Manage Privileges

With the Windows XP sunset date fast approaching, plans for Windows 7 migrations are in full swing, prompting organizations to re-assess their approach to securing and managing their desktops. Users who are “administrators” on their endpoints often do not need absolute administrative rights to accomplish their daily tasks – yet having free reign on software installation and endpoint-based operations often leads to malware and data breaches that are costly to your company’s reputation and bottom line.

During this eSeminar, we will discuss the reasons why desktop refresh fits perfectly into a Windows 7 migration project for securing and managing endpoints. We will also discuss how Viewfinity Privilege Management allows IT professionals to remove administrative rights and manage privileges for standard users with zero impact on user productivity. Attendees will gain a first-hand look at how this end-to-end approach automates the analysis required to determine user needs and prepares your environment accordingly.
 

• Alexander Shteynberg, Technology Architect with Microsoft, will explain why the desktop refresh fits perfectly into a Windows 7 migration project for securing and managing endpoints.
• Alex Shoykhet, VP of Product Management will continue the conversation by demonstrating how the Viewfinity product augments the built-in Windows 7 tools and offers an extended, flexible approach that addresses the entire scope of managing privileges for end users once admin rights have been removed.

Best Practices for Privileged Identity Management with Least Privilege Management

Think about all your company's IT assets for a minute. Accounts receivables/payables reports, bank accounts, executive compensation ledgers, client list with sales history, HR employee files, confidential company emails . . . the list goes on and on.

Now think what would happen if this information went public. Think it couldn't happen to your company? Think again. It happens all the time.

Please give us 40 minutes of your time to learn best practices on how to protect your vital data. We will discuss how to secure your most sensitive information and IT infrastructure by combining Privileged Identity Management with the principle of least privilege management. This webinar will explain how to: 

• Limit and audit those with administrative access or privileges across your enterprise
• Control privilege elevation for applications and tasks for both standard and privileged users related to specific needs/role
• Reduce permissions for privileged users on specific applications and tasks

Lieberman Software and Viewfinity have come together to offer a closed loop process for controlling who is denied access, who gets access, and once logged in, what they are allowed to run/manage in your environment. Where Lieberman protects the “keys to the kingdom”, Viewfinity manages the “who, what, when, where and how” of least privilege management control for end users and privileged users. 

Viewfinity and PolicyPak Software Present: Granular Endpoint Protection via Application Control

In this joint webinar, Viewfinity and PolicyPak will demonstrate how to best protect your endpoints with true desktop and application lockdown, and manage the lockdown environment so that user productivity is not impacted.  

Alex Shoykhet, VP of Product Management at Viewfinity, will demonstrate a best practice approach for using Microsoft Active Directory and Group Policy to manage administrator rights for standard users.  The demo will kick off with tools for removing administrator rights and then segue into how to manage privileges for standard users with zero impact on user productivity.  This is done via Viewfinity's end-to-end approach for managing admin rights such that end users don’t need to involve the help desk every time a user needs admin rights.

Next the PolicyPak team will demonstrate how to lock down individual applications by controlling settings within the application.  PolicyPak prevents users from manipulating important settings, but also quietly reapplies misconfigured settings if a user or application happens to work around them. You’ll learn how to answer questions such as “How are you able to guarantee key application and operating system settings for users?” and “How can you prevent users from messing up their apps?” and “How can we prevent application pop-ups and application questions?”

Adding Advanced PC Lockdown During a Windows 7 Migration

One major complaint from admins about Windows XP was that it was fraught with security holes and difficult to lock down. Some admins have found that migrating to Windows 7 meant being able to lock down PCs, but it does require one to rethink how to approach privilege management. In this engaging webinar Greg Shields will show you how to shift your thinking and make computing safe again, for you and your users. Register today!

About the presenter:
Greg Shields, MVP and Senior Partner, Concentrated Technology Greg has over 15 years of experience spanning the breadth and depth of IT. He is a Contributing Editor and columnist for TechNet Magazine and Redmond Magazine, and serves as Conference Chair for TechMentor Events. He has authored countless books, white papers, and articles, and can be regularly found sharing expert advice on webcasts.
 

Managing Admin Rights Case Study: Hear How a Customer is Controlling Admin Rights to Adhere to Least Privileges on the Endpoint

In this live webcast session, Ryan Kane, Systems Engineer for EagleMed, will share how he has locked down EagleMed’s machines to prevent the sharing of patient data (HIPAA mandate) and mitigate the security risks introduced through malware. Ryan has managed this project such that he is enforcing least privileges without having a negative impact on user productivity. He'll describe his challenges, how the Viewfinity Solution helped him resolve these obstacles, and then show you the product in use at his environment.

Bob Vogt, Sr. Support Engineer with Viewfinity will then provide a demonstration showing how IT administrators can manage and assign administrative privilege permissions to specific applications and desktop functions through granular control of administrator rights.

Attendees will learn how to:

• Discover User Accounts that have local administrative rights
• Remove users or suspicious groups from the administrators group
• Silently discover applications requiring administrative rights prior to revoking privileges
• Provide “Readiness Statistics” based on end user activity that is collected over a period of time to ensure all events requiring administrator rights are captured
• And, finally, once the collection and analysis has completed, create policies to control User Permissions/Privilege Escalation for users who are running applications or desktop functions that require elevated privileges

Getting Started: Removing Administrator Rights & Setting Up Policies to Elevate Privileges for Standard Users

Widespread endpoint administrator rights are a nightmare for IT and a common factor leading to endpoint security attacks. Users who are “Administrators” on their endpoints typically do not need absolute admin rights to accomplish their daily tasks – yet having free reign on software installation and endpoint based operations often leads to malware and data breaches that are very costly. Moving to a least privileges environment is an effective means to mitigate endpoint-based IT security risks.

Learn how to remove administrator rights on endpoints without impacting user productivity. No need to grant full administrative rights to users just so they can run a business application that requires administrative privileges. This webcast will discuss how IT administrators can manage and assign administrative privilege permissions to specific applications and desktop functions through granular control of administrator rights.

Attendees will learn how to:

• Discovering User Accounts that have local administrative rights
• Remove users or suspicious groups from the administrators group
• Silently discover applications requiring administrative rights prior to revoking privileges
• Provide “Readiness Statistics” based on end user activity that is collected over a period of time to ensure all events requiring administrator rights are captured
• And, finally, once the collection and analysis has completed, create policies to control User Permissions/Privilege Escalation for users who are running applications or desktop functions that require elevated privileges

SC World Congress November 16, 2011 Metropolitan Pavilion New York, NY

For the fourth year in a row, SC Magazine has organized a stellar line-up of experts armed with information and advice about the latest cybercrime and data theft incidents, industry developments and more. And, given the host of data exposures and breaches that have recently plagued government and private organizations, the timing couldn't be better. Indeed, an overall jump in IT security breaches found by some researchers underpins an acute need for executive leaders to become increasingly vigilant about updating and maintaining their IT security risk management plans. SC Congress New York 2011 addresses all of this with its one-day agenda chock full of expert-led talks tackling everything from mobile and cloud vulnerabilities to retaliatory hack attacks and the slew of recent breaches. Whether you're after the latest information about cyberespionage and other attacks, guidance on how to protect critical company data as your organizations relies more heavily on cloud services or mobile devices, or how your organization can comply with the latest mandates, SC Congress New York is the industry event to hit. We hope you can make it!

Using Microsoft Active Directory and Group Policy to Manage Admin Rights

The most popular attack vector for malware infections in the workplace continues to be through a user's administrative account on their Windows client. Up to 85% of malware infections come from commercial exploit kits that ultimately take advantage of this elevation of rights (CSIS Security Group). And yet, four years after Microsoft introduced User Account Control (UAC) in Windows Vista, most organizations today continue to use Windows with administrator accounts instead of a least privileged configuration. Sometimes it's due to legacy client operating systems that don't allow enough flexibility. But sometimes it's because out-of-box controls aren't flexible enough to meet a company's application requirements. In this session, Windows IT Pro technical director and 8-time Microsoft directory services MVP Sean Deuby will review the Microsoft tools available to restrict user permissions. He will not only share use cases on how to use these out-of-box tools, including managing user permissions through Active Directory and Group Policy, but also their limitations where a solution beyond just an AD and GPO extension would better answer the organization’s requirements.

New England-Israel Data & Security Storage Summit

Ensuring strong and efficient data storage and secured systems is the foundation of any successful business in today’s global business environment and continued migration to Cloud Computing. New England, Washington State and Israel are global leaders in innovation and entrepreneurship - and major players in the global software/IT industry, with the innovations of its companies earning international recognition and prestige. Numerous New England and Washington State companies have already realized the benefit of establishing development organizations in Israel, engaging with Israeli companies for collaboration, and acquiring Israeli companies to gain access to their unique technology and innovative solutions.

Microsoft & Viewfinity Present: Windows 7 Migration is the Opportunity to Lockdown Desktops & Manage Standard User Privileges

With the Windows XP sunset date fast approaching, plans for Windows 7 migrations are in full swing. This has prompted organizations to re-assess their approach to securing and managing desktops. Users who are "Administrators" on their endpoints often do not need absolute admin rights to accomplish their daily tasks - yet having free reign on software installation and endpoint based operations often leads to malware and data breaches that are costly to your company's reputation and bottom line.

With the advanced privilege management capabilities from Viewfinity, locking down desktops and operating a least privileges environment offers a fundamental layer of IT security as an effective means to mitigate endpoint-based risks.

On this webinar, Alex Shteynberg, Technology Architect in the New York City Microsoft Technology Center will discuss reasons why the desktop refresh fits perfectly into a Windows 7 migration project for securing and managing endpoints.

Next, Alex Shoykhet, VP of Product Management for Viewfinity, will discuss how Viewfinity Privilege Management allows IT professionals to remove administrative rights and manage privileges for standard users with zero impact on user productivity. He will demonstrate Viewfinity's non-disruptive, automated method for transitioning to a least privileges environment, which is an end-to-end approach that automates the analysis required to determine user needs and prepare your environment.

A Non-Disruptive Transition for Removing Administrative Rights

Attendees will learn how to:

• Discovering User Accounts that have local administrative rights
• Remove users or suspicious groups from the administrators group
• Identify applications requiring administrative rights prior to revoking privileges
• Interpret “Readiness Statistics” to determine the optimal “preparedness” point to remove administrator rights
• Create policies for standard users who are running applications or desktop functions that require elevated privileges

McAfee FOCUS 11 Security Conference

The Venetian and Palazzo Congress Center Las Vegas, NV

Visit Viewfinity in Booth #306

The most dedicated security professionals in the world will come together for FOCUS 11—the fourth annual McAfee security conference. Join us for three full days of concentrated learning and networking. You’ll hear from industry experts and learn how others are using the latest technologies to thwart multi-pronged attacks, achieve compliance, and reduce risk. Learn how your organization can balance the business need to embrace Web 2.0, virtualization, cloud computing, and personal and mobile devices while protecting your critical assets and sensitive data

Non-Disruptive, Automated Transition to Desktop Lockdown

In today’s battle against Advanced Persistent Threats, widespread endpoint administrator rights are a nightmare for IT and a common factor leading to endpoint security attacks. Users who are “Administrators” on their endpoints often do not need absolute admin rights to accomplish their daily tasks – yet having free reign on software installation and endpoint based operations often leads to malware and data breaches that are costly to your company’s reputation and bottom line. Locking down desktops and operating a least privileges environment offers a fundamental layer of IT security protection and when augmented with default-deny and anti-malware, stops a high percentage of malware and security breaches.

Join Greg Shields of Concentrated Technology to learn how Privilege Management, facilitated by some very smart Privilege Management solutions, can turn the impossible into the absolutely possible. Then, Alex Shoykhet will step through Viewfinity’s non-disruptive, automated method for transitioning to a least privileges environment. This end-to-end approach automates the analysis required to determine user needs and prepare your environment.

1. Discover User Accounts that have local administrative rights
2. Remove users or suspicious groups from the Administrators group (if needed)
3. Silently discover applications requiring administrative rights prior to revoking privileges.
4. Provide “Readiness Statistics” based on end user activity that is collected over a period of time to ensure all events requiring administrator rights are captured
5. And, finally, once the collection and analysis has completed, create policies to control User Permissions/Privilege Escalation for users who are running applications or desktop functions that require elevated privileges.

New England-Israel Homeland Security & Defense

The MOITI Office in South Boston, MA

The NEIBC, in collaboration with the Israeli Ministry of Defense (MOD), the Commonwealth of Massachusetts Housing and Economic Development and the Consulate General of Israel to New England, will host a meeting on October 4, 2011 at Belmont Country Club. This event will present a unique opportunity for New England companies to meet in person and learn directly from MOD officials about Israeli military needs for technology, equipment and other supplies. The MOD currently oversees annual purchases of over $2.2 Billion from US companies.