SlideShare une entreprise Scribd logo

Viewfinity Privilege Management

A
akeophila

Viewfinity offers the following Privilege Management features: • Elevate Privileges • Policy Management • Block Application/Whitelisting • Activity Auditing • Policy Auditing • Support for FDCC, SOX, PCI Compliance and other desktop-level control procedures

Technologie
1  sur  5
Télécharger pour lire hors ligne
Viewfinity Privilege Management Solution Suite Features Protecting Against Advanced Persistent Threats Many enterprises are implementing least privileges as a fundamental layer of protection for desktop environments, further protecting against malware and Advanced Persistent Threats. By locking down desktops, endpoints are less vulnerability to hackers, malware, and embarrassing security breaches that could prove costly to your company’s reputation and bottom line. Viewfinity provides enterprises with the solutions needed to manage and execute an end-to-end automated and non-disruptive move to a least privileges environment. Better IT Security Control through Privilege Management Viewfinity Privilege Management offers IT Administrators flexible control over the types of applications and privileges your workforce are allowed. Through the use of automated policy settings, corporate mandates can be managed for multiple dimensions of configurable, logical groupings: departments, applications, end users, connectivity status, time of day and more. Our application control policies and privilege management features offer a flexible yet secure approach to ensuring all your laptops and desktops automatically adhere to your corporate regulations. Active Directory Our Privilege Management features are integrated with Active Directory however, Viewfinity does not require laptops or desktops to be part of the Active Directory domain or to be directly connected to the corporate network in order to activate policies that manage administrator privileges. As soon as the PC connects to the internet, Viewfinity delivers the policies and rules established by the IT Administrator. Once delivered, all policies continue to be enforced even while working offline. Viewfinity offers the following Privilege Management features: • Elevate Privileges • Policy Management • Block Application/Whitelisting • Activity Auditing • Policy Auditing • Support for FDCC, SOX, PCI Compliance and other desktop-level control procedures Flexible, Configurable Rules Rules are customizable by groups, by application, and even by time period as defined by your corporate IT hierarchy and policies. Corresponding alerts are set to monitor desktops and notify system administrators, and for specific predetermined guidelines, take action in the event of any end user policy violation. This ensures that the time and investment made by IT departments setting corporate IT policies are enforced automatically in real-time, without intervention by IT staff. 1050 Winter Street  Waltham, MA 02451  781.522.7474  www.viewfinity.com
Corporate Compliance Adherence Management sets forth regulatory and corporate compliance objectives based on the risks and requirements of the business, and IT is responsible for enforcing these objectives through rules and policies. IT is also responsible for ensuring compliance with software licensing agreements, even on machines that are frequently outside of the corporate network. Due to limitations in available privilege management tools, enforcement tactics are often overly restrictive at the desktop-level in order to meet all compliance objectives set forth by the company. An effective privilege management tool allows policies to be designed and enforced in a way that achieves the objectives of the company without creating unnecessary restrictions on the end user. This type of customization capability requires granular application-level enforcement and control on each individual desktop, with enough intelligence built-in so that the IT management process is automated and simplified as much as possible. For example, applications can be white listed by time slot whereby enabling/disabling access to certain applications during working hours or weekends. By leveraging encapsulation, Viewfinity’s Privilege Management features provide this type of application-level control and policy customization on the desktop. Many policies that formerly required complete lockdown can now be enforced without creating excessive limitations on the end user machine. Flexible Implementation Methodologies Viewfinity Privilege Management can be implemented through our SaaS/Cloud platform or via your on-premise servers as a private cloud, or as an extension to Group Policy, enabling policies to be managed through the standard Group Policy Management tools. Privilege Management Functionality Components Elevate Privileges Certain Windows applications and desktop functions require local administrative privileges in order to run and function properly on a desktop or laptop. Granting Full Administrator Rights creates a less secure desktop environment and opens the door for malicious hackers and viruses, thus organizations consider the practice of granting Administrator Rights to standard users to be risky. It also breaches compliance regulations posed by the Sarbanes-Oxley Act and HIPAA. Additionally, the US Government Federal Desktop Core Configuration (FDCC) mandate stipulates that administrative rights cannot be granted to end users and may not be made available on federal desktops and laptops. Viewfinity solves this problem by elevating administrative rights for certain processes or applications rather than at the user account level. When permissions are raised, the elevation is performed directly within the security token of the user account. The application or process is started using the current user credentials as opposed to using RUN AS which needs the Administrative account in order to raise privileges. The RUN AS method potentially introduces security risks and issues for changes that are written into current user registry. All elevation rules are applied in a real time and do not require users to cycle through the log off/log on process. Viewfinity doesn’t require desktops to be part of the domain or to be attached 1050 Winter Street  Waltham, MA 02451  781.522.7474  www.viewfinity.com
to the corporate network in order for privilege elevation policies to be delivered. Detailed reporting provides intelligence on all administrator privilege policies, including an audit trail report that provides confirmation that a policy has been delivered and activated on endpoint devices. Elevate Privileges supports ActiveX Controls, printer installations, computer management functions, and applications requiring administrator rights for local, remote and mobile users. Policies are delivered as soon as the PC connects to the internet. Benefits and Features: Key Benefits of Elevate Privileges: Key Features of Elevate Privileges: •Automates privilege management by bringing •ActiveX: Manages permissions for non- endpoints into full compliance with corporate administrative users to install ActiveX Controls software policies as soon as they connect to the Internet •Printers: Manages permissions for non- administrative users to install printers • Ensures Federal FDCC, SOX, HIPPA and FDCC compliance through centralized control and •Computer Management Functions: Raises regulation of PC administrative rights privileges to perform specific administrative functions (Device Management, Disk • Increases user satisfaction by providing flexible Defragmenter, Manage Services and User application policies instead of completely Accounts & Shares) blocking non-standard applications •Applications: Elevates administrative privileges •Prevents the use of applications that create for approved applications without compromising security risks security on the PC (managed via central console, no desk-side visits required) •Reduces probability of malicious and virus attack on corporate laptops & desktops •Remote/Mobile Clients: Automatically delivers policy to remote clients as soon as the PC •Eliminates security risks by attaching connects to the internet administrative rights to Windows applications and processes rather than adding users to the •Reports: Confirms policy delivery status to administrators group ensure policies were applied •Administrators can create policies that will •Identifies applications that require execute scripts without needing to assign local administrator rights before removing administrator rights to the end user privileges Block Application Each organization has list of known applications which they do not want installed on its corporate desktops. In some cases, IT may want to permanently prevent users from installing certain applications, while for other applications, blocking the execution of an application may be a temporary measure. In order to stop unwanted software installations, some organizations opt to completely lockdown its desktops. This approach can be unproductive for end users as it doesn’t offer any flexibility for supporting non-standard requirements, such as the needs of traveling or remote users. Using Viewfinity, the IT Administrator may establish policies that identify applications (by group if needed) that should be blocked from executing on corporate desktops and laptops. For example, the Brokerage division has a specific policy that prohibits any Instant Messaging software form executing. Viewfinity automatically enforces this policy for members of the Brokerage group, ensuring that these PCs are intact with corporate compliance regulations. Policies can be set for 1050 Winter Street  Waltham, MA 02451  781.522.7474  www.viewfinity.com
multiple combinations software such as Skype, ICQ, Yahoo Messenger, AOL, etc. Policies can also be flagged to unblock usage of specific applications while the end user is not connected to the corporate network. Benefits and Features of Block Application : Key Benefits of Block Application: Key Features of Block Application: •Secures desktops & laptops by blocking • Allows logical grouping of business applications execution of black listed software and sets protection policies based on business unit's common applications, roles, etc. • Easily implements polices on PCs located outside of your corporate network •Creates work and home profiles containing applications that can be activated / deactivated • Prevents the use of applications that create accordingly security risks •Provides flexible application lockdown and •Reduces the time IT spends maintaining a maintains standard application configurations standard desktop image used to rollback to protected state •Manages and secures applications from a Central •Provides flexible scheduler allowing applications Management Console - no need for individual to be block based on timeframe desk-side visits •Ability to apply "block" policies based end user location (on/off ) corporate network •Permits or blocks the use of child processes Policy Automation powered by Zero Touch Technology Viewfinity’s Policy Automation is the automatic detection and capture of the need for elevated permissions, combined with the ability to create the appropriate policy and authorize the privilege elevation request on the fly. When an end-user tries to run a particular application or perform a task that requires elevated permissions, the Viewfinity Agent automatically detects this and opens a dialog box where the user can enter his business justification for using this particular application. The Viewfinity agent automatically routes the request to the IT Administrator via the Viewfinity Console, or by way of a report or an email. The IT Administrator can approve and activate the policy and elevate the privilege on the fly. Prior to approval, the IT Administrator can review the business justification provided by the end user as well as information about applications or task from the computer/user that initiated the request. Information related to Applications, ActiveX, Administrative Task, Scripts, etc. is automatically collected during the Policy Automation process. Policies are automatically created without manual intervention. Viewfinity Local Admin Discovery This complimentary tool identifies user accounts and groups that are members of the local “Administrators” built-in user group on computers in your Windows domain. Having detailed information related to which users and groups have administrator rights on corporate desktops allows you to reassess who should have these rights. Once the analysis has been run, IT Administrators can take action, if needed, by removing the users or suspicious groups from the Administrators group. 1050 Winter Street  Waltham, MA 02451  781.522.7474  www.viewfinity.com
Pre-Discover Applications Requiring Elevated Permissions Silently gather information and monitor which applications, processes, and administrative actions will require administrative permission before users are removed from the local admin group. Our Application Admin Rights Analysis is based on end user activity and is collected over a period of time to ensure all events are captured. Once the collection and analysis is completed, policies to elevate privileges can be automatically created and prepared in advance so that when administrative rights are removed, the policies are in place to ensure a non-disruptive move to least privileges. Activity Auditing Viewfinity supports real-time monitoring and recording of laptop, desktop and application events, providing the administrator with an auditable record of all changes being made on the laptop or desktop. Viewfinity’s precise activity recording feature provides a picture of all meaningful user/application activity for every laptop and desktop. When an audit needs to be performed on a specific PC, our Activity Recording feature both expedites the process, as well as aiding in the interpretation of the results of information collected. The IT Administrator simply accesses the desktop activity journal for the specific end user and a record of all recent desktop activities appears. Video Audit / Policy Audit A key component for policy management is the ability to audit and report on the status of privilege management policies. Administrators should not have to go through the process of remotely connect to a PC to validate that a policy is in effect. Instead, IT needs centralized management capabilities to report on and review the status of policies to determine whether they have been successfully delivered and are activated. During a corporate audit, it is critical to know which applications are running with elevated rights, which are blocked, and to monitor the administrator who is enforcing these rules. Screen recording per Application/Policy: Automatically creates and stores a screen recorded video of user activity based upon a particular application or policy. IT Administrators can elect to record user actions based upon specific policies and/or applications. This feature has wide-spread usage and appeal considering the type of information that can be recorded and used for policy auditing purposes. For example, you can monitor a user session during which the user has elevated permissions to install an application or it can be used for monitoring suspicious user activity. Screen recordings can be stored locally or on a network share. Administrator's actions log and reporting: When an admin creates a policy, there is a corresponding audit log that tracks the administrator’s actions and activity. Senior IT management and audit teams gain a clear understand of which policies are being activated/deactivated, created, and removed by the IT team. Integration of policy reports with SCCM Viewfinity offers an add-on component which is deployed on SCCM server that reports privilege management policy usage status and information regarding privilege access request from end users. The SCCM agent can collect Viewfinity policy events such as policy usage, insufficient privileges to install applications or ActiveX, requests from users to perform Administrative tasks such as disk defragmentation or the ability to change power options, etc. All information collected is transferred to the SCCM server through the add-on component. The status of Viewfinity policies and privilege access requests are tracked through the SCCM Console. This helps IT administrators by providing general system management tasks and privilege access activity from one management console. 1050 Winter Street  Waltham, MA 02451  781.522.7474  www.viewfinity.com

Recommandé

Viewfinity Privilege Management Support for FDCC & USGCB
Viewfinity Privilege Management Support for FDCC & USGCBViewfinity Privilege Management Support for FDCC & USGCB
Viewfinity Privilege Management Support for FDCC & USGCBakeophila
 
Viewfinity Product Overview
Viewfinity Product OverviewViewfinity Product Overview
Viewfinity Product Overviewakeophila
 
SCCM 2007 Presentation
SCCM 2007 PresentationSCCM 2007 Presentation
SCCM 2007 PresentationFaisal Alvi [MCTS]
 
Desktop Management: Achieving Unrivaled Performance
Desktop Management: Achieving Unrivaled PerformanceDesktop Management: Achieving Unrivaled Performance
Desktop Management: Achieving Unrivaled PerformanceScriptLogic
 
System Center Endpoint Protection 2012 R2
System Center Endpoint Protection 2012 R2System Center Endpoint Protection 2012 R2
System Center Endpoint Protection 2012 R2Norman Mayes
 
System Center Configuration Manager and Mobile Device Management
System Center Configuration Manager and Mobile Device ManagementSystem Center Configuration Manager and Mobile Device Management
System Center Configuration Manager and Mobile Device ManagementC/D/H Technology Consultants
 
Software License Optimization Managed Services
Software License Optimization Managed ServicesSoftware License Optimization Managed Services
Software License Optimization Managed ServicesFlexera
 
Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1solarisyougood
 

Recommandé

Viewfinity Privilege Management Support for FDCC & USGCB
Viewfinity Privilege Management Support for FDCC & USGCBViewfinity Privilege Management Support for FDCC & USGCB
Viewfinity Privilege Management Support for FDCC & USGCBakeophila
 
Viewfinity Product Overview
Viewfinity Product OverviewViewfinity Product Overview
Viewfinity Product Overviewakeophila
 
SCCM 2007 Presentation
SCCM 2007 PresentationSCCM 2007 Presentation
SCCM 2007 PresentationFaisal Alvi [MCTS]
 
Desktop Management: Achieving Unrivaled Performance
Desktop Management: Achieving Unrivaled PerformanceDesktop Management: Achieving Unrivaled Performance
Desktop Management: Achieving Unrivaled PerformanceScriptLogic
 
System Center Endpoint Protection 2012 R2
System Center Endpoint Protection 2012 R2System Center Endpoint Protection 2012 R2
System Center Endpoint Protection 2012 R2Norman Mayes
 
System Center Configuration Manager and Mobile Device Management
System Center Configuration Manager and Mobile Device ManagementSystem Center Configuration Manager and Mobile Device Management
System Center Configuration Manager and Mobile Device ManagementC/D/H Technology Consultants
 
Software License Optimization Managed Services
Software License Optimization Managed ServicesSoftware License Optimization Managed Services
Software License Optimization Managed ServicesFlexera
 
Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1solarisyougood
 
2011 11-28 sccm-2012_technical_overview
2011 11-28 sccm-2012_technical_overview2011 11-28 sccm-2012_technical_overview
2011 11-28 sccm-2012_technical_overviewfannaq786
 
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...Nordic Infrastructure Conference
 
Mdop session from Microsoft partner boot camp
Mdop session from Microsoft partner boot campMdop session from Microsoft partner boot camp
Mdop session from Microsoft partner boot campOlav Tvedt
 
Sccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaSccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaMicrosoft Singapore
 
NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012Nicolai Henriksen
 
SCEP 2012 inside SCCM 2012
SCEP 2012 inside SCCM 2012SCEP 2012 inside SCCM 2012
SCEP 2012 inside SCCM 2012Microsoft TechNet - Belgium and Luxembourg
 
System Center Configuration Manager 2012 Overview
System Center Configuration Manager 2012 OverviewSystem Center Configuration Manager 2012 Overview
System Center Configuration Manager 2012 OverviewAmit Gatenyo
 
Feb Webcast - Be Smart & Stay Lean
Feb Webcast - Be Smart & Stay LeanFeb Webcast - Be Smart & Stay Lean
Feb Webcast - Be Smart & Stay Leanjmustac
 
User Acess Request
User Acess RequestUser Acess Request
User Acess RequestSynergy Computer Solutions
 
Owny IT Desktop Monitoring Featurelist
Owny IT Desktop Monitoring FeaturelistOwny IT Desktop Monitoring Featurelist
Owny IT Desktop Monitoring FeaturelistNCS Computech Ltd.
 
Sccm 2012
Sccm 2012Sccm 2012
Sccm 2012ebuc
 
Altiris IT Management Suite 7
Altiris IT Management Suite 7Altiris IT Management Suite 7
Altiris IT Management Suite 7Symantec
 
Windows Intune: Simplify Your PC Management
Windows Intune: Simplify Your PC ManagementWindows Intune: Simplify Your PC Management
Windows Intune: Simplify Your PC ManagementC/D/H Technology Consultants
 
Microsoft System Center Configuration Manager 2012 R2 Installation
Microsoft System Center Configuration Manager 2012 R2 InstallationMicrosoft System Center Configuration Manager 2012 R2 Installation
Microsoft System Center Configuration Manager 2012 R2 InstallationShahab Al Yamin Chawdhury
 
Mobile device management presentation
Mobile device management presentationMobile device management presentation
Mobile device management presentationratneshsinghparihar
 
FlexNet Operations
FlexNet OperationsFlexNet Operations
FlexNet OperationsFlexera
 
SCUG.DK: Protecting Company Data using EMS, April 2015
SCUG.DK: Protecting Company Data using EMS, April 2015SCUG.DK: Protecting Company Data using EMS, April 2015
SCUG.DK: Protecting Company Data using EMS, April 2015Ronni Pedersen
 
Overview one pager
Overview one pagerOverview one pager
Overview one pagerAndrew Keenan
 
SCUG.dk Windows 10 Management - September 2015
SCUG.dk Windows 10 Management - September 2015SCUG.dk Windows 10 Management - September 2015
SCUG.dk Windows 10 Management - September 2015Ronni Pedersen
 
Compliance in Virtualized Environments
Compliance in Virtualized EnvironmentsCompliance in Virtualized Environments
Compliance in Virtualized EnvironmentsSeccuris Inc.
 
SailPoint VS CyberArk.pdf
SailPoint VS CyberArk.pdfSailPoint VS CyberArk.pdf
SailPoint VS CyberArk.pdfVishnuGone
 
AccessPaaS by SafePaaS
AccessPaaS by SafePaaSAccessPaaS by SafePaaS
AccessPaaS by SafePaaSJane Jones
 

Contenu connexe

Tendances

2011 11-28 sccm-2012_technical_overview
2011 11-28 sccm-2012_technical_overview2011 11-28 sccm-2012_technical_overview
2011 11-28 sccm-2012_technical_overviewfannaq786
 
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...Nordic Infrastructure Conference
 
Mdop session from Microsoft partner boot camp
Mdop session from Microsoft partner boot campMdop session from Microsoft partner boot camp
Mdop session from Microsoft partner boot campOlav Tvedt
 
Sccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaSccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaMicrosoft Singapore
 
NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012Nicolai Henriksen
 
System Center Configuration Manager 2012 Overview
System Center Configuration Manager 2012 OverviewSystem Center Configuration Manager 2012 Overview
System Center Configuration Manager 2012 OverviewAmit Gatenyo
 
Feb Webcast - Be Smart & Stay Lean
Feb Webcast - Be Smart & Stay LeanFeb Webcast - Be Smart & Stay Lean
Feb Webcast - Be Smart & Stay Leanjmustac
 
Owny IT Desktop Monitoring Featurelist
Owny IT Desktop Monitoring FeaturelistOwny IT Desktop Monitoring Featurelist
Owny IT Desktop Monitoring FeaturelistNCS Computech Ltd.
 
Sccm 2012
Sccm 2012Sccm 2012
Sccm 2012ebuc
 
Altiris IT Management Suite 7
Altiris IT Management Suite 7Altiris IT Management Suite 7
Altiris IT Management Suite 7Symantec
 
Microsoft System Center Configuration Manager 2012 R2 Installation
Microsoft System Center Configuration Manager 2012 R2 InstallationMicrosoft System Center Configuration Manager 2012 R2 Installation
Microsoft System Center Configuration Manager 2012 R2 InstallationShahab Al Yamin Chawdhury
 
Mobile device management presentation
Mobile device management presentationMobile device management presentation
Mobile device management presentationratneshsinghparihar
 
FlexNet Operations
FlexNet OperationsFlexNet Operations
FlexNet OperationsFlexera
 
SCUG.DK: Protecting Company Data using EMS, April 2015
SCUG.DK: Protecting Company Data using EMS, April 2015SCUG.DK: Protecting Company Data using EMS, April 2015
SCUG.DK: Protecting Company Data using EMS, April 2015Ronni Pedersen
 
SCUG.dk Windows 10 Management - September 2015
SCUG.dk Windows 10 Management - September 2015SCUG.dk Windows 10 Management - September 2015
SCUG.dk Windows 10 Management - September 2015Ronni Pedersen
 
Compliance in Virtualized Environments
Compliance in Virtualized EnvironmentsCompliance in Virtualized Environments
Compliance in Virtualized EnvironmentsSeccuris Inc.
 

Tendances (20)

2011 11-28 sccm-2012_technical_overview
2011 11-28 sccm-2012_technical_overview2011 11-28 sccm-2012_technical_overview
2011 11-28 sccm-2012_technical_overview
 
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
 
Mdop session from Microsoft partner boot camp
Mdop session from Microsoft partner boot campMdop session from Microsoft partner boot camp
Mdop session from Microsoft partner boot camp
 
Sccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaSccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estonina
 
NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012
 
SCEP 2012 inside SCCM 2012
SCEP 2012 inside SCCM 2012SCEP 2012 inside SCCM 2012
SCEP 2012 inside SCCM 2012
 
System Center Configuration Manager 2012 Overview
System Center Configuration Manager 2012 OverviewSystem Center Configuration Manager 2012 Overview
System Center Configuration Manager 2012 Overview
 
Feb Webcast - Be Smart & Stay Lean
Feb Webcast - Be Smart & Stay LeanFeb Webcast - Be Smart & Stay Lean
Feb Webcast - Be Smart & Stay Lean
 
User Acess Request
User Acess RequestUser Acess Request
User Acess Request
 
Owny IT Desktop Monitoring Featurelist
Owny IT Desktop Monitoring FeaturelistOwny IT Desktop Monitoring Featurelist
Owny IT Desktop Monitoring Featurelist
 
Sccm 2012
Sccm 2012Sccm 2012
Sccm 2012
 
Altiris IT Management Suite 7
Altiris IT Management Suite 7Altiris IT Management Suite 7
Altiris IT Management Suite 7
 
Windows Intune: Simplify Your PC Management
Windows Intune: Simplify Your PC ManagementWindows Intune: Simplify Your PC Management
Windows Intune: Simplify Your PC Management
 
Microsoft System Center Configuration Manager 2012 R2 Installation
Microsoft System Center Configuration Manager 2012 R2 InstallationMicrosoft System Center Configuration Manager 2012 R2 Installation
Microsoft System Center Configuration Manager 2012 R2 Installation
 
Mobile device management presentation
Mobile device management presentationMobile device management presentation
Mobile device management presentation
 
FlexNet Operations
FlexNet OperationsFlexNet Operations
FlexNet Operations
 
SCUG.DK: Protecting Company Data using EMS, April 2015
SCUG.DK: Protecting Company Data using EMS, April 2015SCUG.DK: Protecting Company Data using EMS, April 2015
SCUG.DK: Protecting Company Data using EMS, April 2015
 
Overview one pager
Overview one pagerOverview one pager
Overview one pager
 
SCUG.dk Windows 10 Management - September 2015
SCUG.dk Windows 10 Management - September 2015SCUG.dk Windows 10 Management - September 2015
SCUG.dk Windows 10 Management - September 2015
 
Compliance in Virtualized Environments
Compliance in Virtualized EnvironmentsCompliance in Virtualized Environments
Compliance in Virtualized Environments
 

Similaire à Viewfinity Privilege Management

SailPoint VS CyberArk.pdf
SailPoint VS CyberArk.pdfSailPoint VS CyberArk.pdf
SailPoint VS CyberArk.pdfVishnuGone
 
AccessPaaS by SafePaaS
AccessPaaS by SafePaaSAccessPaaS by SafePaaS
AccessPaaS by SafePaaSJane Jones
 
AccessPaaS (SafePaaS)
AccessPaaS (SafePaaS)AccessPaaS (SafePaaS)
AccessPaaS (SafePaaS)Emma Kelly
 
Flexera Software App Portal Datasheet
Flexera Software App Portal DatasheetFlexera Software App Portal Datasheet
Flexera Software App Portal DatasheetFlexera
 
IBM Endpoint Manager for Software Use Analysis (Overview)
IBM Endpoint Manager for Software Use Analysis (Overview)IBM Endpoint Manager for Software Use Analysis (Overview)
IBM Endpoint Manager for Software Use Analysis (Overview)Kimber Spradlin
 
Performing One Audit Using Zero Trust Principles
Performing One Audit Using Zero Trust PrinciplesPerforming One Audit Using Zero Trust Principles
Performing One Audit Using Zero Trust PrinciplesControlCase
 
Agility Whitepaper
Agility WhitepaperAgility Whitepaper
Agility WhitepaperLinda Wales
 
Identity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - InfographicIdentity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - InfographicVMware Academy
 
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...IBM Software India
 
Compliance Management System
Compliance Management SystemCompliance Management System
Compliance Management SystemRituRaj212449
 
Bc product overview_v2c
Bc product overview_v2cBc product overview_v2c
Bc product overview_v2cSaurav Aich
 
FlexNet Manager Suite Cloud
FlexNet Manager Suite CloudFlexNet Manager Suite Cloud
FlexNet Manager Suite CloudFlexera
 
Compliance Management System
Compliance Management SystemCompliance Management System
Compliance Management SystemRituRaj212449
 
Microsoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - AtidanMicrosoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - AtidanDavid J Rosenthal
 
Predicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldPredicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldQuest
 
MMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itMMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itPeter Daalmans
 
Government Webinar: Five Essential IT Tools You Need Today
Government Webinar: Five Essential IT Tools You Need TodayGovernment Webinar: Five Essential IT Tools You Need Today
Government Webinar: Five Essential IT Tools You Need TodaySolarWinds
 
Enterprise Remote Support Datasheet - Lyra Infosystems
Enterprise Remote Support Datasheet - Lyra InfosystemsEnterprise Remote Support Datasheet - Lyra Infosystems
Enterprise Remote Support Datasheet - Lyra InfosystemsLyra Infosystems Pvt. Ltd
 
Solve Employee Experience, Security, and Silo Problems with HCL BigFix Workspace
Solve Employee Experience, Security, and Silo Problems with HCL BigFix WorkspaceSolve Employee Experience, Security, and Silo Problems with HCL BigFix Workspace
Solve Employee Experience, Security, and Silo Problems with HCL BigFix WorkspaceHCLSoftware
 
Introduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptxIntroduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptxArrow ECS UK
 

Similaire à Viewfinity Privilege Management (20)

SailPoint VS CyberArk.pdf
SailPoint VS CyberArk.pdfSailPoint VS CyberArk.pdf
SailPoint VS CyberArk.pdf
 
AccessPaaS by SafePaaS
AccessPaaS by SafePaaSAccessPaaS by SafePaaS
AccessPaaS by SafePaaS
 
AccessPaaS (SafePaaS)
AccessPaaS (SafePaaS)AccessPaaS (SafePaaS)
AccessPaaS (SafePaaS)
 
Flexera Software App Portal Datasheet
Flexera Software App Portal DatasheetFlexera Software App Portal Datasheet
Flexera Software App Portal Datasheet
 
IBM Endpoint Manager for Software Use Analysis (Overview)
IBM Endpoint Manager for Software Use Analysis (Overview)IBM Endpoint Manager for Software Use Analysis (Overview)
IBM Endpoint Manager for Software Use Analysis (Overview)
 
Performing One Audit Using Zero Trust Principles
Performing One Audit Using Zero Trust PrinciplesPerforming One Audit Using Zero Trust Principles
Performing One Audit Using Zero Trust Principles
 
Agility Whitepaper
Agility WhitepaperAgility Whitepaper
Agility Whitepaper
 
Identity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - InfographicIdentity Manager & AirWatch Cloud Mobile App - Infographic
Identity Manager & AirWatch Cloud Mobile App - Infographic
 
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
 
Compliance Management System
Compliance Management SystemCompliance Management System
Compliance Management System
 
Bc product overview_v2c
Bc product overview_v2cBc product overview_v2c
Bc product overview_v2c
 
FlexNet Manager Suite Cloud
FlexNet Manager Suite CloudFlexNet Manager Suite Cloud
FlexNet Manager Suite Cloud
 
Compliance Management System
Compliance Management SystemCompliance Management System
Compliance Management System
 
Microsoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - AtidanMicrosoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - Atidan
 
Predicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldPredicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile World
 
MMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itMMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure it
 
Government Webinar: Five Essential IT Tools You Need Today
Government Webinar: Five Essential IT Tools You Need TodayGovernment Webinar: Five Essential IT Tools You Need Today
Government Webinar: Five Essential IT Tools You Need Today
 
Enterprise Remote Support Datasheet - Lyra Infosystems
Enterprise Remote Support Datasheet - Lyra InfosystemsEnterprise Remote Support Datasheet - Lyra Infosystems
Enterprise Remote Support Datasheet - Lyra Infosystems
 
Solve Employee Experience, Security, and Silo Problems with HCL BigFix Workspace
Solve Employee Experience, Security, and Silo Problems with HCL BigFix WorkspaceSolve Employee Experience, Security, and Silo Problems with HCL BigFix Workspace
Solve Employee Experience, Security, and Silo Problems with HCL BigFix Workspace
 
Introduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptxIntroduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptx
 

Dernier

Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 

Dernier (20)

Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 

Viewfinity Privilege Management

  • 1. Viewfinity Privilege Management Solution Suite Features Protecting Against Advanced Persistent Threats Many enterprises are implementing least privileges as a fundamental layer of protection for desktop environments, further protecting against malware and Advanced Persistent Threats. By locking down desktops, endpoints are less vulnerability to hackers, malware, and embarrassing security breaches that could prove costly to your company’s reputation and bottom line. Viewfinity provides enterprises with the solutions needed to manage and execute an end-to-end automated and non-disruptive move to a least privileges environment. Better IT Security Control through Privilege Management Viewfinity Privilege Management offers IT Administrators flexible control over the types of applications and privileges your workforce are allowed. Through the use of automated policy settings, corporate mandates can be managed for multiple dimensions of configurable, logical groupings: departments, applications, end users, connectivity status, time of day and more. Our application control policies and privilege management features offer a flexible yet secure approach to ensuring all your laptops and desktops automatically adhere to your corporate regulations. Active Directory Our Privilege Management features are integrated with Active Directory however, Viewfinity does not require laptops or desktops to be part of the Active Directory domain or to be directly connected to the corporate network in order to activate policies that manage administrator privileges. As soon as the PC connects to the internet, Viewfinity delivers the policies and rules established by the IT Administrator. Once delivered, all policies continue to be enforced even while working offline. Viewfinity offers the following Privilege Management features: • Elevate Privileges • Policy Management • Block Application/Whitelisting • Activity Auditing • Policy Auditing • Support for FDCC, SOX, PCI Compliance and other desktop-level control procedures Flexible, Configurable Rules Rules are customizable by groups, by application, and even by time period as defined by your corporate IT hierarchy and policies. Corresponding alerts are set to monitor desktops and notify system administrators, and for specific predetermined guidelines, take action in the event of any end user policy violation. This ensures that the time and investment made by IT departments setting corporate IT policies are enforced automatically in real-time, without intervention by IT staff. 1050 Winter Street  Waltham, MA 02451  781.522.7474  www.viewfinity.com
  • 2. Corporate Compliance Adherence Management sets forth regulatory and corporate compliance objectives based on the risks and requirements of the business, and IT is responsible for enforcing these objectives through rules and policies. IT is also responsible for ensuring compliance with software licensing agreements, even on machines that are frequently outside of the corporate network. Due to limitations in available privilege management tools, enforcement tactics are often overly restrictive at the desktop-level in order to meet all compliance objectives set forth by the company. An effective privilege management tool allows policies to be designed and enforced in a way that achieves the objectives of the company without creating unnecessary restrictions on the end user. This type of customization capability requires granular application-level enforcement and control on each individual desktop, with enough intelligence built-in so that the IT management process is automated and simplified as much as possible. For example, applications can be white listed by time slot whereby enabling/disabling access to certain applications during working hours or weekends. By leveraging encapsulation, Viewfinity’s Privilege Management features provide this type of application-level control and policy customization on the desktop. Many policies that formerly required complete lockdown can now be enforced without creating excessive limitations on the end user machine. Flexible Implementation Methodologies Viewfinity Privilege Management can be implemented through our SaaS/Cloud platform or via your on-premise servers as a private cloud, or as an extension to Group Policy, enabling policies to be managed through the standard Group Policy Management tools. Privilege Management Functionality Components Elevate Privileges Certain Windows applications and desktop functions require local administrative privileges in order to run and function properly on a desktop or laptop. Granting Full Administrator Rights creates a less secure desktop environment and opens the door for malicious hackers and viruses, thus organizations consider the practice of granting Administrator Rights to standard users to be risky. It also breaches compliance regulations posed by the Sarbanes-Oxley Act and HIPAA. Additionally, the US Government Federal Desktop Core Configuration (FDCC) mandate stipulates that administrative rights cannot be granted to end users and may not be made available on federal desktops and laptops. Viewfinity solves this problem by elevating administrative rights for certain processes or applications rather than at the user account level. When permissions are raised, the elevation is performed directly within the security token of the user account. The application or process is started using the current user credentials as opposed to using RUN AS which needs the Administrative account in order to raise privileges. The RUN AS method potentially introduces security risks and issues for changes that are written into current user registry. All elevation rules are applied in a real time and do not require users to cycle through the log off/log on process. Viewfinity doesn’t require desktops to be part of the domain or to be attached 1050 Winter Street  Waltham, MA 02451  781.522.7474  www.viewfinity.com
  • 3. to the corporate network in order for privilege elevation policies to be delivered. Detailed reporting provides intelligence on all administrator privilege policies, including an audit trail report that provides confirmation that a policy has been delivered and activated on endpoint devices. Elevate Privileges supports ActiveX Controls, printer installations, computer management functions, and applications requiring administrator rights for local, remote and mobile users. Policies are delivered as soon as the PC connects to the internet. Benefits and Features: Key Benefits of Elevate Privileges: Key Features of Elevate Privileges: •Automates privilege management by bringing •ActiveX: Manages permissions for non- endpoints into full compliance with corporate administrative users to install ActiveX Controls software policies as soon as they connect to the Internet •Printers: Manages permissions for non- administrative users to install printers • Ensures Federal FDCC, SOX, HIPPA and FDCC compliance through centralized control and •Computer Management Functions: Raises regulation of PC administrative rights privileges to perform specific administrative functions (Device Management, Disk • Increases user satisfaction by providing flexible Defragmenter, Manage Services and User application policies instead of completely Accounts & Shares) blocking non-standard applications •Applications: Elevates administrative privileges •Prevents the use of applications that create for approved applications without compromising security risks security on the PC (managed via central console, no desk-side visits required) •Reduces probability of malicious and virus attack on corporate laptops & desktops •Remote/Mobile Clients: Automatically delivers policy to remote clients as soon as the PC •Eliminates security risks by attaching connects to the internet administrative rights to Windows applications and processes rather than adding users to the •Reports: Confirms policy delivery status to administrators group ensure policies were applied •Administrators can create policies that will •Identifies applications that require execute scripts without needing to assign local administrator rights before removing administrator rights to the end user privileges Block Application Each organization has list of known applications which they do not want installed on its corporate desktops. In some cases, IT may want to permanently prevent users from installing certain applications, while for other applications, blocking the execution of an application may be a temporary measure. In order to stop unwanted software installations, some organizations opt to completely lockdown its desktops. This approach can be unproductive for end users as it doesn’t offer any flexibility for supporting non-standard requirements, such as the needs of traveling or remote users. Using Viewfinity, the IT Administrator may establish policies that identify applications (by group if needed) that should be blocked from executing on corporate desktops and laptops. For example, the Brokerage division has a specific policy that prohibits any Instant Messaging software form executing. Viewfinity automatically enforces this policy for members of the Brokerage group, ensuring that these PCs are intact with corporate compliance regulations. Policies can be set for 1050 Winter Street  Waltham, MA 02451  781.522.7474  www.viewfinity.com
  • 4. multiple combinations software such as Skype, ICQ, Yahoo Messenger, AOL, etc. Policies can also be flagged to unblock usage of specific applications while the end user is not connected to the corporate network. Benefits and Features of Block Application : Key Benefits of Block Application: Key Features of Block Application: •Secures desktops & laptops by blocking • Allows logical grouping of business applications execution of black listed software and sets protection policies based on business unit's common applications, roles, etc. • Easily implements polices on PCs located outside of your corporate network •Creates work and home profiles containing applications that can be activated / deactivated • Prevents the use of applications that create accordingly security risks •Provides flexible application lockdown and •Reduces the time IT spends maintaining a maintains standard application configurations standard desktop image used to rollback to protected state •Manages and secures applications from a Central •Provides flexible scheduler allowing applications Management Console - no need for individual to be block based on timeframe desk-side visits •Ability to apply "block" policies based end user location (on/off ) corporate network •Permits or blocks the use of child processes Policy Automation powered by Zero Touch Technology Viewfinity’s Policy Automation is the automatic detection and capture of the need for elevated permissions, combined with the ability to create the appropriate policy and authorize the privilege elevation request on the fly. When an end-user tries to run a particular application or perform a task that requires elevated permissions, the Viewfinity Agent automatically detects this and opens a dialog box where the user can enter his business justification for using this particular application. The Viewfinity agent automatically routes the request to the IT Administrator via the Viewfinity Console, or by way of a report or an email. The IT Administrator can approve and activate the policy and elevate the privilege on the fly. Prior to approval, the IT Administrator can review the business justification provided by the end user as well as information about applications or task from the computer/user that initiated the request. Information related to Applications, ActiveX, Administrative Task, Scripts, etc. is automatically collected during the Policy Automation process. Policies are automatically created without manual intervention. Viewfinity Local Admin Discovery This complimentary tool identifies user accounts and groups that are members of the local “Administrators” built-in user group on computers in your Windows domain. Having detailed information related to which users and groups have administrator rights on corporate desktops allows you to reassess who should have these rights. Once the analysis has been run, IT Administrators can take action, if needed, by removing the users or suspicious groups from the Administrators group. 1050 Winter Street  Waltham, MA 02451  781.522.7474  www.viewfinity.com
  • 5. Pre-Discover Applications Requiring Elevated Permissions Silently gather information and monitor which applications, processes, and administrative actions will require administrative permission before users are removed from the local admin group. Our Application Admin Rights Analysis is based on end user activity and is collected over a period of time to ensure all events are captured. Once the collection and analysis is completed, policies to elevate privileges can be automatically created and prepared in advance so that when administrative rights are removed, the policies are in place to ensure a non-disruptive move to least privileges. Activity Auditing Viewfinity supports real-time monitoring and recording of laptop, desktop and application events, providing the administrator with an auditable record of all changes being made on the laptop or desktop. Viewfinity’s precise activity recording feature provides a picture of all meaningful user/application activity for every laptop and desktop. When an audit needs to be performed on a specific PC, our Activity Recording feature both expedites the process, as well as aiding in the interpretation of the results of information collected. The IT Administrator simply accesses the desktop activity journal for the specific end user and a record of all recent desktop activities appears. Video Audit / Policy Audit A key component for policy management is the ability to audit and report on the status of privilege management policies. Administrators should not have to go through the process of remotely connect to a PC to validate that a policy is in effect. Instead, IT needs centralized management capabilities to report on and review the status of policies to determine whether they have been successfully delivered and are activated. During a corporate audit, it is critical to know which applications are running with elevated rights, which are blocked, and to monitor the administrator who is enforcing these rules. Screen recording per Application/Policy: Automatically creates and stores a screen recorded video of user activity based upon a particular application or policy. IT Administrators can elect to record user actions based upon specific policies and/or applications. This feature has wide-spread usage and appeal considering the type of information that can be recorded and used for policy auditing purposes. For example, you can monitor a user session during which the user has elevated permissions to install an application or it can be used for monitoring suspicious user activity. Screen recordings can be stored locally or on a network share. Administrator's actions log and reporting: When an admin creates a policy, there is a corresponding audit log that tracks the administrator’s actions and activity. Senior IT management and audit teams gain a clear understand of which policies are being activated/deactivated, created, and removed by the IT team. Integration of policy reports with SCCM Viewfinity offers an add-on component which is deployed on SCCM server that reports privilege management policy usage status and information regarding privilege access request from end users. The SCCM agent can collect Viewfinity policy events such as policy usage, insufficient privileges to install applications or ActiveX, requests from users to perform Administrative tasks such as disk defragmentation or the ability to change power options, etc. All information collected is transferred to the SCCM server through the add-on component. The status of Viewfinity policies and privilege access requests are tracked through the SCCM Console. This helps IT administrators by providing general system management tasks and privilege access activity from one management console. 1050 Winter Street  Waltham, MA 02451  781.522.7474  www.viewfinity.com