Viewfinity: Privilege Management from the Cloud to the Laptop

Updated: March 16, 2011

Windows 7 and Windows Server 2008 R2 each come with AppLocker, a set of features designed to enhance the software restriction policies (SRPs) supported in previous Windows releases. (For more details about AppLocker and SRPs, see the Microsoft TechNet article "AppLocker: IT's First Security Panacea?" by IT and Windows expert Greg Shields of Concentrated Technology.)

AppLocker can enable and support a security philosophy growing in popularity and known as "approved execution." The term means what it says -- only approved programs are allowed to execute on protected systems, whether fixed or mobile clients or servers. After all, malware can't hurt your systems if you've got blacklists and whitelists that can determine what code, malware or otherwise, actually gets to run. (For more detailed discussion of approved execution, see the Redmond Magazine article (also by Greg Shields) "Approved Execution: The Security Mentality that Really Works.")

Approved execution is one element of a larger set of challenges and solutions some vendors refer to collectively as "least privileges." Basically, this means giving each user the minimum amount of access privileges needed by that person to do their work, to reduce unauthorized execution of malware or access to IT resources. And moving to Windows 7 provides a great opportunity to review and improve the policies and technologies your company's using to increase security and to control access privileges more effectively. But it's unlikely that every user on your network(s) will be moved to Windows 7 at the same time, and it's very likely that AppLocker alone won't solve all of your privileges management challenges.

Some potential help: Viewfinity, a leading player in this market, just announced version 3.5 of its Privilege Management solution. Three elements differentiate Viewfinity's approach to privilege management from those of competitors such as BeyondTrust and Avecto. One is that Viewfinity Privilege Management provides granular, role-based privilege management that you don't have to be an IT or security expert to make work. Another is that it interoperates with Microsoft Active Directory but does not require or rely upon it. This means greater flexibility and continuing functionality even if Active Directory fails. The third is that it's Web/cloud-based. This means it's easier to incorporate protection of authorized mobile users (and rejection of unauthorized access or execution attempts).
