Free Software Identifies Applications Requiring Administrator Rights

  • By James E. Powell
  • 03/21/08
##AUTHORSPLIT##<--->

Enterprises can now more easily determine which applications their employees run that require administrative rights, a condition that makes the environment more susceptible to malicious users and viruses and prevents compliance with regulations such as the Sarbanes-Oxley Act and HIPAA. BeyondTrust’s free Application Rights Auditor automatically identifies and reports Windows applications that need elevated user rights.

Once these applications are identified, enterprises can remove users’ administrative rights without any application downtime, creating a more secure and compliant environment and lowering the cost of Windows system administration. The company says that before this tool was released, enterprises had to rescind rights from every user and see which applications broke or to examine each installed application individually.

"Enterprises are quickly waking up to the danger of elevated privileges and the need to remove administrator rights but until now it has been prohibitively time-consuming to identify which applications would break if those rights were removed,” said BeyondTrust CEO John Moyer in a statement. “BeyondTrust Application Rights Auditor automatically identifies which applications require users to have elevated privileges so enterprises can quickly know the actions they need to take to protect themselves and keep employees doing their jobs."

Granting employees elevated rights presents a security risk because it makes malicious software easier to install, thus increasing the potential damage from malware. Administrative rights also allow users to circumvent security policies so they can install unauthorized applications or make unauthorized changes to a standard desktop configuration. Recognizing the problem, the U.S. government now requires administrator rights be removed from Windows desktops at all government agencies as part of the Federal Desktop Core Configuration mandate.

Application Rights Auditor includes a Microsoft Management Console (MMC) snap-in and a desktop component. After the desktop component is installed, it transparently examines applications as they run and sends encrypted log files to a secure server. Centralized reports can be viewed using the MMC.

The company says that the Application Rights Auditor reports increase compliance with Federal Desktop Core Configurations, Sarbanes-Oxley, the PCI Security Standard, and other regulations by providing a clear report of the installed applications that require elevated permissions.

BeyondTrust Application Rights Auditor is available as a free download at http://www.beyondtrust.com/products/ApplicationRightsAuditor.aspx.

The application supports Windows 2000, XP, Vista, Windows Server 2003 and 2008, and 64-bit Windows.

Get daily news from THE Journal's RSS News Feed

About the author: James E. Powell is the editorial director of Enterprise Strategies.

Proposals for articles and tips for news stories, as well as questions and comments about this publication, should be submitted to David Nagel, executive editor, at [email protected].

About the Author

This article is courtesy of Enterprise Systems. James E. Powell is editorial director of ESJ.com.

Featured

  • AI-powered individual working calmly on one side and a burnt-out person slumped over a laptop on the other

    AI's Productivity Gains Come at a Cost

    A recent academic study found that as companies adopt AI tools, they're not just streamlining workflows — they're piling on new demands. Researchers determined that "AI technostress" is driving burnout and disrupting personal lives, even as organizations hail productivity gains.

  • AI microchip under cybersecurity attack, surrounded by symbols of threats like a skull, spider, lock, and warning shield

    Report Finds Agentic AI Protocol Vulnerable to Cyber Attacks

    A new report from Backslash Security has identified significant security vulnerabilities in the Model Context Protocol (MCP), technology introduced by Anthropic in November 2024 to facilitate communication between AI agents and external tools.

  • laptop displaying a red padlock icon sits on a wooden desk with a digital network interface background

    Reports Point to Domain Controllers as Prime Ransomware Targets

    A recent report from Microsoft reinforces warns of the critical role Active Directory (AD) domain controllers play in large-scale ransomware attacks, aligning with U.S. government advisories on the persistent threat of AD compromise.

  • educators seated at a table with a laptop and tablet, against a backdrop of muted geometric shapes

    HMH Forms Educator Council to Inform AI Tool Development

    Adaptive learning company HMH has established an AI Educator Council that brings together teachers, instructional coaches and leaders from school district across the country to help shape its AI solutions.