This report provides data related to which PCs are not presently locked down and which user accounts still have administrator rights. This information is gathered, in real time, from all computers, whether they are currently situated within the corporate network or if they are outside the firewall. The information is automatically updated and presented in the report, including a graphical representation of the data. This report displays a list of computers for end user AD or local accounts that have explicitly been granted administrative rights as well as end users that have been added to power users or AD groups and are part of the local administrators group. Each scenario is represented in a different view allowing administrators to focus on specific groups. Administrators can drill further into each computer and review details on members of the local administrators group. Having this level of granularity and real-time updates provides organizations with important statistics that are critical to know when compliance audits are performed on IT assets.

When an administrator creates, edits or disables a policy, or views a Video Audit for a particular endpoint, there is a corresponding audit log that tracks the administrator’s actions and activity. Senior IT management and audit teams gain a clear understand of which policies are being activated/deactivated, created, and removed by the IT team. During a corporate audit, it is critical to know which applications are running with elevated rights, which are blocked, and to monitor the administrator who is enforcing these rules.

Viewfinity offers delegated management control to support the needs of your various IT roles and staff so that multiple administrators can be designated to manage sets of computers. With this type of management model, it is important to have the ability to audit the actions of your administrators so you may monitor who is controlling privilege management policies. Viewfinity records hundreds of different events and presents these statistics in varying formats and graphs. The reports may be exported in several formats such as Excel, Word, and PDF.

As users request access to an application, ActiveX control, or a Windows Administrative Task, such as disk defragmentation, Viewfinity provides reporting capabilities to gather these statistics by year, month, day from all PCs. Policy Automation reports will present these statistics to management prior to granting access to a specific action. Policy Automation reports contain all the details related to the request, such as the date the request was made, the initiating computer name and user account, information related to the specific application or process for which the user has requested access and the business justification provided. Reports can be reviewed by the Security Management Team prior to granting permissions. The reports may also be exported and stored for audit purposes.

The Applied Elevated Privileges report records information related to policy delivery and usage statistics on the policy, including which Active Directory user accessed the elevated application. It also provides information on the status of policies which have been assigned to specific computers, users or Active Directory groups. From this report administrators can easily identify which policies are active and/or deactivated. The report can be expanded to include additional information for each policy, such as policy usage showing when and who used the policy, the date/time, and a description of the policy and ties that information back to the specific computer. For example, this report will display detailed information related to the installation of an application, the network share from which it was installed and the user account associated with the policy. This report is very helpful for providing insight into which polices are most frequently being used and by which end user. Comprehensive policy usage information is an important component of IT audits.

The Viewfinity Privilege Management console provides a quick view into the operations and status of company policies and assets through the Viewfinity Dashboard. The Dashboard technology is completely customizable; you decide which data you want to display, based on summary reports, through the use of graphical web panes. The dashboard can be manually updated or you can elect to have it refresh automatically on a pre-defined schedule. This feature gives the Viewfinity administrator control over how often the Viewfinity Dashboard data is updated, which is particularly important when a critical policy is being processed.

Microsoft’s System Center Configuration Manager (SCCM) is used by many organizations worldwide for centralized PC lifecycle management but SCCM features do not include privilege management. However SCCM does provide mechanisms to add additional data to the SCCM database. Viewfinity Privilege Management uses these mechanisms to store summary privilege management feedback data in the SCCM database.

SCCM provides deployment, inventory, and software management functions. SCCM does not provide process level privilege controls. Viewfinity Privilege Management allows the administrator to create detailed policies that control when and how applications and their features are accessed. The integration allows IT Administrators to monitor the privilege policies in addition to the base configuration management features that are provided in SCCM. Desktop administrators that are already using SCCM for PC lifecycle management functions are able to leverage their existing infrastructure for privilege management features.

Download the software for evaluation and testing in your environment.

Benefits of Integrating SCCM with Viewfinity Privilege Management

Viewfinity Privilege Management provides a number of benefits that allow administrators to better implement least privilege features. Organizations of all sizes have more secure and stable desktops when users do not have local administrative rights on their desktops because lockdown provides an added layer of protection that helps mitigate security risks.

Viewfinity uses Microsoft defined methods to integrate privilege management with the SCCM agent and server resulting in a more secure and a better managed endpoint. Integrating SCCM and Viewfinity Privilege Management helps IT administrators by providing general system management tasks and privilege access activity from one management console.

Download our white paper to learn the details related to the Microsoft SCCM Integration with Viewfinity Privilege Management.

How it Works

Viewfinity integrates directly with SCCM to provide extended visibility into privilege management policy usage status and information regarding privilege requests from end users. This is accomplished through an add-on component which is deployed on the SCCM server. The SCCM agent collects Viewfinity policy events such as policy usage, insufficient privileges to install applications or ActiveX, requests from users to perform Administrative tasks such as disk defragmentation or the ability to change power options, etc. The information that is collected is transferred to the SCCM server through the add-on component. The status of Viewfinity policies and privilege access requests are tracked through the SCCM Console.

These SCCM reporting capabilities are beneficial during audits to track which policies are active, which applications are running with elevated rights, which are blocked, and for applications that users are requesting additional permissions.

Next steps: Download the software for evaluation and testing in your environment.