I know from my experience of deploying privilege management in global organizations that people think it’s going to be hard. Every organization is facing an endpoint security balancing act. On one hand employees, and their endpoints, need to be secure. But on the other hand, many employees require a free and flexible operating environment.
A recent press release from a competitor made some ill-educated statements about Microsoft User Account Control (UAC) and other user mode solutions that control application privileges
As we begin 2011 this will be the year that many companies will look to move from pilot to production with Windows 7. The migration to Windows 7 is an ideal opportunity to assess the security posture of the corporate desktop.
Windows 7 Ultimate and Enterprise editions ship with AppLocker, which is a Group Policy based application control solution. AppLocker is a big improvement over Software Restriction Policies, as it provides a more flexible and intuitive solution to its predecessor. Here we discuss the pros and cons of Windows AppLocker.
As many organizations look to migrate to Windows 7, it is an opportune time to review user privileges. User Account Control (UAC) was introduced by Microsoft in Windows Vista, and it has remained much the same in Windows 7, albeit with a few minor tweaks to its default behavior. Although UAC is a welcome addition to Windows, it really doesn’t provide a corporate solution to least privilege.
Few people would argue that implementing least privilege provides considerable security benefits, as removing admin rights eliminates the accidental or deliberate misuse of these privileges.
Solutions that provide application whitelisting or application control need to provide the administrator with a set of rules that can be used to precisely identify applications.
If you are interested in centralizing Windows events from your desktops or servers then you should take a serious look at Windows Event Forwarding. Event Forwarding is provided by Windows Remote Management (WinRM) and enables you to get events from remote computers and store them in the local event log of an event collector computer.
Desktop lockdown shouldn’t hinder a user from performing their day to day role. Rather, locking down desktops should provide a secure environment in which the user can effectively go about their tasks, without giving them the frustration of being 'locked out'. Here we've provided 5 tips to help you on your way to achieving flexible desktop lockdown.
It surprises me how few vendors use Active Directory Group Policy as a mechanism to centrally manage and deploy policy settings for their Windows based products, and instead build their own backend infrastructure for this purpose. I could rattle off a long list of benefits, including hierarchical management, a strong security model that includes delegated administration, built-in replication, stability and scalability, to name but a few.
As a new software release for least privilege leaves the building, it seemed an opportune time to start blogging, not to plug the release of course. Alright, I’m allowed one shameless plug in my first blog given the team have worked so hard on this release.