I know from my experience of deploying privilege management in global organizations that people think it’s going to be hard. Every organization is facing an endpoint security balancing act. On one hand employees, and their endpoints, need to be secure. But on the other hand, many employees require a free and flexible operating environment.
Few people would argue that implementing least privilege provides considerable security benefits, as removing admin rights eliminates the accidental or deliberate misuse of these privileges.
Solutions that provide application whitelisting or application control need to provide the administrator with a set of rules that can be used to precisely identify applications.
If you are interested in centralizing Windows events from your desktops or servers then you should take a serious look at Windows Event Forwarding. Event Forwarding is provided by Windows Remote Management (WinRM) and enables you to get events from remote computers and store them in the local event log of an event collector computer.
Desktop lockdown shouldn’t hinder a user from performing their day to day role. Rather, locking down desktops should provide a secure environment in which the user can effectively go about their tasks, without giving them the frustration of being 'locked out'. Here we've provided 5 tips to help you on your way to achieving flexible desktop lockdown.
It surprises me how few vendors use Active Directory Group Policy as a mechanism to centrally manage and deploy policy settings for their Windows based products, and instead build their own backend infrastructure for this purpose. I could rattle off a long list of benefits, including hierarchical management, a strong security model that includes delegated administration, built-in replication, stability and scalability, to name but a few.
As a new software release for least privilege leaves the building, it seemed an opportune time to start blogging, not to plug the release of course. Alright, I’m allowed one shameless plug in my first blog given the team have worked so hard on this release.