BeyondTrust announced BeyondTrust Privilege Manager 3.0, the first product for efficiently managing user privileges in enterprise Windows Vista environments. Privilege Manager 3.0 enables end-users to run all required applications and perform all authorized system tasks on Windows Vista and 64-bit workstations and servers without administrative privileges. By transparently managing privileges, Privilege Manager prevents unauthorized malicious use, protects against malware and zero day threats, and increases productivity and compliance.
Originally developed by the Department of Defense over 30 years ago, the Principle of Least Privilege states that each subject in a system should be given the most restrictive set of privileges necessary to complete their authorized tasks in order to limit the damage resulting from accident, error or unauthorized use.
With Privilege Manager 3.0, BeyondTrust has extended the industry-first Least Privilege Management capabilities it currently provides for Windows 2000 and XP platforms to Windows Vista and 64-bit systems to fully support a blended OS environment. Privilege Manager gives organizations control over applications, software installations, ActiveX controls and system tasks that require elevated or administrative rights—all while keeping user systems locked down and preserving the user’s security context. Privilege Manager eliminates the usability and password management problems that arise when organizations improperly implement Least Privilege.
Privilege Manager 3.0 is implemented as a true Group Policy extension that allows administrators to attach permission levels to Windows applications. Applications, users and computers are targeted using standard Group Policy conventions and per-setting filters. Permissions and privileges are added and/or removed from the process token on the fly, to allow an organization to quickly get to a Least Privilege environment. As a result, when a user is not running an authorized task administrative permissions are not available—a critical component of a successful Least Privilege management model. To further simplify this process for enterprises, Privilege Manager 3.0 now features enhanced logging and feedback of required applications and privileges to facilitate the easy creation of new rules.