Free Software Identifies Applications Requiring Administrator Rights

  • By James E. Powell
  • 03/21/08
##AUTHORSPLIT##<--->

Enterprises can now more easily determine which applications their employees run that require administrative rights, a condition that makes the environment more susceptible to malicious users and viruses and prevents compliance with regulations such as the Sarbanes-Oxley Act and HIPAA. BeyondTrust’s free Application Rights Auditor automatically identifies and reports Windows applications that need elevated user rights.

Once these applications are identified, enterprises can remove users’ administrative rights without any application downtime, creating a more secure and compliant environment and lowering the cost of Windows system administration. The company says that before this tool was released, enterprises had to rescind rights from every user and see which applications broke or to examine each installed application individually.

"Enterprises are quickly waking up to the danger of elevated privileges and the need to remove administrator rights but until now it has been prohibitively time-consuming to identify which applications would break if those rights were removed,” said BeyondTrust CEO John Moyer in a statement. “BeyondTrust Application Rights Auditor automatically identifies which applications require users to have elevated privileges so enterprises can quickly know the actions they need to take to protect themselves and keep employees doing their jobs."

Granting employees elevated rights presents a security risk because it makes malicious software easier to install, thus increasing the potential damage from malware. Administrative rights also allow users to circumvent security policies so they can install unauthorized applications or make unauthorized changes to a standard desktop configuration. Recognizing the problem, the U.S. government now requires administrator rights be removed from Windows desktops at all government agencies as part of the Federal Desktop Core Configuration mandate.

Application Rights Auditor includes a Microsoft Management Console (MMC) snap-in and a desktop component. After the desktop component is installed, it transparently examines applications as they run and sends encrypted log files to a secure server. Centralized reports can be viewed using the MMC.

The company says that the Application Rights Auditor reports increase compliance with Federal Desktop Core Configurations, Sarbanes-Oxley, the PCI Security Standard, and other regulations by providing a clear report of the installed applications that require elevated permissions.

BeyondTrust Application Rights Auditor is available as a free download at http://www.beyondtrust.com/products/ApplicationRightsAuditor.aspx.

The application supports Windows 2000, XP, Vista, Windows Server 2003 and 2008, and 64-bit Windows.

Get daily news from THE Journal's RSS News Feed

About the author: James E. Powell is the editorial director of Enterprise Strategies.

Proposals for articles and tips for news stories, as well as questions and comments about this publication, should be submitted to David Nagel, executive editor, at [email protected].

About the Author

This article is courtesy of Enterprise Systems. James E. Powell is editorial director of ESJ.com.

Featured

  • students using digital devices, surrounded by abstract AI motifs and soft geometric design

    Ed Tech Startup Kira Launches AI-Native Learning Platform

    A new K-12 learning platform aims to bring personalized education to every student. Kira, one of the latest ed tech ventures from Andrew Ng, former director of Stanford's AI Lab and co-founder of Coursera and DeepLearning.AI, "integrates artificial intelligence directly into every educational workflow — from lesson planning and instruction to grading, intervention, and reporting," according to a news announcement.

  • toolbox featuring a circuit-like AI symbol and containing a screwdriver, wrench, and hammer

    Microsoft Launches AI Tools for Educators

    Microsoft has introduced a variety of AI tools aimed at helping educators develop personalized learning experiences for their students, create content more efficiently, and increase student engagement.

  • laptop displaying a red padlock icon sits on a wooden desk with a digital network interface background

    Reports Point to Domain Controllers as Prime Ransomware Targets

    A recent report from Microsoft reinforces warns of the critical role Active Directory (AD) domain controllers play in large-scale ransomware attacks, aligning with U.S. government advisories on the persistent threat of AD compromise.

  • Two hands shaking in the center with subtle technology icons, graphs, binary code, and a padlock in the dark blue background

    Two Areas for K-12 Schools to Assess for When to Work with a Managed Services Provider

    The complexity of today’s IT network infrastructure and increased cybersecurity risk are quickly moving beyond many school districts’ ability to manage on their own. But a new technology model, a partnership with a managed services provider, offers a way forward for schools to overcome these challenges.