Advertisement

Tutorials

Home Press Releases IDC Recommends Removing Admin ...

Press Releases by CGIDir


IDC Recommends Removing Administrative Rights to Realize IT Labor Savings of $120/PC/Year


December 18, 2006; 03:29 AM
IDC, the premier global provider of market intelligence for information technology markets, concluded that organizations save an average of $120/PC/year and increase service levels by removing administrative rights from PCs and pushing down configuration settings with group policies. Many IT departments find removing administrative rights from PCs challenging according to the Microsoft sponsored study, “The Relationship Between IT Labor Costs and Best Practices for Identity and Access Management with Active Directory.” Many critical business applications require these rights. IDC notes that deploying BeyondTrust software will enable enterprises to overcome these challenges and enable the best practice of removing administrative rights.

“If an organization is unable to stop using applications that require administrative privileges, then they will benefit greatly from deploying software such as BeyondTrust Privilege Manager to enable ‘standard users’ to run those applications,” said Thomas Dawkins, Sr. Security Marketing Manager for Microsoft. “Many companies have corporate security policies that mandate the removal of administrative rights from PCs and users to prevent the users from changing Group Policy settings and installing unauthorized applications, whether intentionally or through the inadvertent installation of malware. Support for least privilege with products like BeyondTrust Privilege Manager further demonstrates that Windows Vista is the best choice for businesses that require a secure IT ecosystem.”

Marco Peretti, CTO of BeyondTrust and architect of the first product to enable the security best practice of Least Privilege in Windows environments, agrees with IDC’s recommendations. “Allowing a user to be an administrator on their PC ensures that they can manipulate and modify client-based Group Policy data to their heart’s content, effectively gutting the Windows security model and eliminating the value that Group Policy provides in managed Windows environments,” said Peretti. “With BeyondTrust Privilege Manager, all users can be restricted users while securely using applications that require administrative privileges. Privilege Manager accomplishes this by reducing or elevating privileges on a per-application or per-task basis."

The IDC study states that IT labor savings are achieved by managing fewer PC configurations. If administrative rights are not removed, within a few hours of deployment users often begin to change settings, jeopardizing security and reliability.

“A huge security problem that Windows enterprises face is that many users must be given administrative privileges in order to run required applications. However, as we have seen, administrative privileges are easily exploited by zero-day threats and malicious users. So you have to ask yourself if you trust your users and existing security defenses,” said John Moyer, CEO of BeyondTrust. “BeyondTrust helps customers move beyond the state of trusting users and systems with excess privileges, enabling the implementation of a Least Privilege security model. All users can be restricted users by securely elevating the privileges of selected applications.”

About BeyondTrust

BeyondTrust Privilege Manager was the first product to allow administrators to assign permissions to applications and tasks, enabling the security best practice of Least Privilege in Windows environments. BeyondTrust Privilege Manager has won many prestigious awards, including “Excellence in Management of Least Privilege - Customer Trust 2006“ (Info Security Products Guide), “Best of TechEd 2006 - Security Finalist “ (Windows IT Pro/SQL Server Magazine), and “Best Product of 2005 - Policy Management” (MSD2D People’s Choice Security Award). For more information, visit www.beyondtrust.com.



Advertisement

Partners

Related Resources

Other Resources

image arrow