Click here to receive your FREE subscription to Campus Technology
News
Free Software Identifies Applications Requiring Administrator Rights
3/24/2008
Enterprises can now more easily determine which applications their employees run that require administrative rights, a condition that makes the environment more susceptible to malicious users and viruses and prevents compliance with regulations such as the Sarbanes-Oxley Act and HIPAA. BeyondTrust’s free Application Rights Auditor automatically identifies and reports Windows applications that need elevated user rights.
Once these applications are identified, enterprises can remove users’ administrative rights without any application downtime, creating a more secure and compliant environment and lowering the cost of Windows system administration. The company says that before this tool was released, enterprises had to rescind rights from every user and see which applications broke or to examine each installed application individually.
"Enterprises are quickly waking up to the danger of elevated privileges and the need to remove administrator rights but until now it has been prohibitively time-consuming to identify which applications would break if those rights were removed,” said BeyondTrust CEO John Moyer in a statement. “BeyondTrust Application Rights Auditor automatically identifies which applications require users to have elevated privileges so enterprises can quickly know the actions they need to take to protect themselves and keep employees doing their jobs."
Granting employees elevated rights presents a security risk because it makes malicious software easier to install, thus increasing the potential damage from malware. Administrative rights also allow users to circumvent security policies so they can install unauthorized applications or make unauthorized changes to a standard desktop configuration. Recognizing the problem, the U.S. government now requires administrator rights be removed from Windows desktops at all government agencies as part of the Federal Desktop Core Configuration mandate.
Application Rights Auditor includes a Microsoft Management Console (MMC) snap-in and a desktop component. After the desktop component is installed, it transparently examines applications as they run and sends encrypted log files to a secure server. Centralized reports can be viewed using the MMC.
The company says that the Application Rights Auditor reports increase compliance with Federal Desktop Core Configurations, Sarbanes-Oxley, the PCI Security Standard, and other regulations by providing a clear report of the installed applications that require elevated permissions.
BeyondTrust Application Rights Auditor is available as a free download at http://www.beyondtrust.com/products/ApplicationRightsAuditor.aspx.
The application supports Windows 2000, XP, Vista, Windows Server 2003 and 2008, and 64-bit Windows.
James E. Powell is the editorial director of Enterprise Strategies.
Cite this Site
copy text (above) for proper citation
Recommended Reading
- Microsoft Mends Breach in Open Source Sandcastle
Microsoft has released all of the source code used in its Sandcastle project, which is now published at the CodePlex open source developer's Web site, according to a blog. Sandcastle helps developers of managed class libraries create uniform documentation on their projects, using MSDN style.
- Lumens Debuts SXGA Document Camera
Lumens Integration this week debuted a new document camera and presentation system called the DC260 SXGA Digital Visual Presenter. The new gooseneck-style system is the first in Lumens' document camera lineup to support HD output via HDMI.
- U Liverpool Deploys iSCSI in Virtualized SAN
The University of Liverpool Department of Computer Science is moving away from direct-attached RAIDs to a virtualized SAN environment using StorMagic's SM Series iSCSI Storage Area Network.
- Indiana U, Wayne State Teams Capture Wins in Imagine Cup 2008
Winners of the 2008 Imagine Cup technology competition were announced Tuesday in Paris. Student teams from American universities took top honors in two categories and earned achievement awards in other areas. Microsoft, which hosted the event, said it was the most successful run for American teams in the Cup's six-year history.
- IE Is Least-Patched Browser, Report Says
According to a report released last Tuesday, more than 40 percent of Internet surfers don't use browsers with up-to-date security patches--and Internet Explorer users are the biggest culprits.
- Ballmer Wants Board Change at Yahoo
Microsoft's executives have been talking with investor and corporate raider Carl Icahn about renewed plans for Microsoft to acquire part or all of Yahoo, provided that Yahoo's board is replaced. The details were described in an open letter issued Monday by Icahn, which is addressed to Yahoo's shareholders.
