Kill Administrator: Fighting Back Against Admin Rights
Dial In: +1 (609) 318-0024
Access Code: 373-855-516
Or use your computer speakers

Greg Shields, MVP, Partner and Principal Technologist, www.ConcentratedTech.com
Nick Cavalancia, VP, Windows Management, ScriptLogic
About the Speakers
Greg Shields
Greg is a Senior Partner and Principal Technologist with Concentrated
Technology. He is a Contributing Editor for TechNet Magazine and Redmond
Magazine, and a Series Editor for Realtime Publishers. Greg is a sought-after and
top-ranked speaker, seen regularly at conferences like TechMentor, Tech Ed, VMworld,
and more. He is a multiple recipient of Microsoft's "Most Valuable Professional" award
and has received VMware's vExpert award.

Nick Cavalancia
Nick Cavalancia, MCSE/MCT/MCNE/MCNI, is ScriptLogic’s VP of Windows
Management where he assists in driving innovation and the evangelism of
ScriptLogic solutions. He has over 17 years of enterprise IT experience and is an
accomplished consultant, trainer, speaker, columnist and author. He has authored,
co-authored and contributed to over a dozen books on Windows, Active Directory,
Exchange and other Microsoft technologies.
About ScriptLogic
• Founded in 2000
• Focus on 4 key areas:
   •   Desktop Management
   •   Active Directory Management
   •   Server Management
   •   Help Desk Management
• Customer Base
   • 30,800+ customers worldwide
   • From SMB to Fortune 100
• Headquartered in Boca Raton, Florida
• Subsidiary of Quest Software since 2007
Privilege Authority
• Lowest cost privilege management
  solution on the market
• Two editions:
                           Community Edition     Professional
     Cost                        FREE          Starts at $12/seat
     Access to Community          ✔                   ✔
     Advanced Features                                ✔
     Support Model            Community        Std. Tech. Support
Windows’ Necessary Evil.
• Administrator privileges are Windows’ unfortunate,
  but necessary evil.
   • They were built into Windows.
   • They aren’t going anywhere.
   • Standard user rights aren’t powerful enough.


• But “the evil” in Administrator creates a problem.
   • You either have it or you don’t.
   • Most of us need some subset of Administrator.
Your Goal: Kill Administrator
• Eliminating “the Administrator” from administrator
  rights solves three big problems.
   • Problem One: Getting to Least Privilege
   • Problem Two: Evolving from On/Off to granular privilege
     management.
   • Problem Three: Finding privilege rules that work.


• The Windows OS can’t do this.
• You’ll need external tools to assist.
   • More on those tools in a minute.
The Principle of Least Privilege
• “[The Principle of Least Privilege] requires
  that…
    • each subject in a system be granted the most
      restrictive set of privileges…
    • …needed for the performance of authorized
      tasks.
    • The application of this principle limits the
      damage that can result from accident, error, or
      unauthorized use.”
Source: U.S. Department of Defense
Problem #1: Getting to Least Privilege
• Least Privilege asks that…
   • …each subject in a system be granted the most restrictive
     set of privileges…
   • …needed for the performance of authorized tasks.


• Least Privilege wants this because…
   • …its application limits the damage from accident, error, or
     unauthorized use.
Problem #1: Getting to Least Privilege
• What we Have: Administrator?
• What we Want: Change Time? / Install Software? / Add ActiveX? / Config Network? / Elevate App? / Change Properties?
Problem #1: Getting to Least Privilege
• Implementing Least Privilege means thinking outside
  the box of Windows rights.
   • It requires collecting a catalog of possible actions a user
     might need to accomplish.
   • It involves gathering possible instances of each action:
      • Which apps to install?
      • Which properties to allow?
      • Which apps to elevate?
   • It means enumerating the possible users, usually by role.
   • ULTIMATELY: It requires mapping users to those actions
     and instances.
…but isn’t this in Windows?
• It is, of a sort: User Account Control.

  • Where it works: Everyone is a standard
    user until they need elevation. Only
    administrators get elevated.
  • Where it fails: Individuals must still be
    Administrator. UAC is person-centric by
    nature; Least Privilege is action-centric.
Get there with Privilege Authority
• GPO-based elevation using
  •   Executable path
  •   Folder path
  •   ActiveX
  •   Digital Certificate


• DEMO!
Problem #2: Getting the Granularity
• Eliminating administrator won’t happen overnight.
   • Developers need application installations.
   • Users on the road require special consideration.
   • Even applications themselves require elevation when
     they’re not properly coded.


• The largest consumer of project time will be in
  figuring out the mapping between…
   • Users, possible actions, and permitted actions.
Problem #2: Getting the Granularity
• Catalog of Actions: Change Time? / Install Software? / Add ActiveX? / Config Network? / Elevate App? / Change Properties?
• Directory of Users
• List of Policies
Problem #2: Getting the Granularity
• Thing #1: Catalog of Actions
   •   Changing the time
   •   Installing software
   •   Adding ActiveX Controls
   •   Changing System Properties
   •   Elevating Applications


• An effective privilege management solution will
  deliver this catalog via its administrative console.
Problem #2: Getting the Granularity
• Thing #2: Directory of Users
   • This part’s easy…
   • For most of us, this directory is something we already have
     through our Active Directory.




• The Groups and Organizational Units that already
  exist in your AD define user roles.
   • Finance, Sales, Executives, etc.
Problem #2: Getting the Granularity
• Thing #3: List of Policies
   • These policies are not technical in nature.
   • They are procedural in nature.
   • While your company policies may not be documented in a
     format that directly translates, you probably have a
     general understanding of which actions are approved.


• Gathering your list of policies and translating them
  into user actions is the final step in this process.
Problem #2: Getting the Granularity
• Catalog of Actions: Change Time? / Install Software? / Add ActiveX? / Config Network? / Elevate App? / Change Properties?
• Directory of Users
• List of Policies
• Together these lead to: Least Privilege
…isn’t this also in Windows?
• Also true, sort of: AppLocker.

  • Where it works: Facilitates central control
    of execution and elevation.
  • Where it fails: Centers its catalog around
    executables, MSIs, and scripts. What you
    need is a catalog of actions.
Privilege Authority Targeting
• Dynamic targeting based on:
  • 18 Base criteria
  • Boolean Operators




• DEMO!
Problem #3: Rules that Work
• Having a catalog of actions is one thing.
• Having the entire list of action instances is another.
Problem #3: Rules that Work
• Just installing a privilege management solution
  doesn’t automatically bring Least Privilege.
   • Any solution is a framework within which rules must be
     created.
   • That framework enables you to map users to policy-
     approved actions.


• Finding the rules that work is a significant challenge!
Problem #3: Rules that Work
• SOLUTION: It takes a community.
  • Getting the rules that work requires the assistance of an
    entire community of Least Privilege Followers
  • An effective solution will enable you to share rules with
    others.
  • With a clearinghouse of effective rules, populated by
    others with similar situations, you can quickly find those
    that work for you.
  • …then you arrive at Least Privilege much more cleanly and
    faster!
…but who needs a community?
• Is Google really your friend?
  • Allow a non-admin user to install an Adobe executable-based installer (such as ending in
    ".exe") when the installer has been digitally signed by Adobe.
  • Allow installation of MS Live Meeting Windows Client, protected with publisher cert
    information.
  • Allow file operations from the File | Open menu with unrestricted editing, but without
    enabling 'child processes' because then you can 'run as administrator' and launch
    executables.
  • Allow Firefox to be installed to the user's profile without admin rights by matching both a
    digital certificate and file hash to ensure it is valid only for the current version.
  • Allow users to run ActiveX controls to view Olsen field webcam.
  • Allow users to install/update an array of preapproved applications on their own, while
    giving administrators the ability to create repositories for additional software.
  • Allow privilege elevation for Security Explorer on Windows 7 to remove the need to
    specify UAC credentials when the application starts.
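
The mapping described under Problem #2 (catalog of actions, directory of users, list of policies) and the certificate-plus-hash style of rule listed above can be modelled as a small default-deny evaluator. This is an added example, not code from the presentation or from Privilege Authority; the user names, groups, rule names, publisher string and hash input are constructed, and the publisher field is assumed to come from a signature that has already been validated.

```python
import hashlib
import ntpath
from dataclasses import dataclass
from typing import Optional

# Thing #1: catalog of actions (names taken from the slides).
CATALOG = {"change_time", "install_software", "add_activex",
           "config_network", "elevate_app", "change_properties"}

# Thing #2: directory of users -> roles, standing in for AD groups (constructed).
DIRECTORY = {
    "alice": {"Finance"},
    "bob": {"Sales", "Road Warriors"},
    "carol": {"Developers"},
}


def _norm(path: str) -> str:
    """Canonicalise a Windows path: collapse '..' segments and ignore case."""
    return ntpath.normcase(ntpath.normpath(path))


@dataclass(frozen=True)
class Request:
    user: str
    action: str
    path: str = ""
    publisher: str = ""   # assumption: taken from an already-validated signature
    sha256: str = ""      # hash of the file the user wants to run


@dataclass(frozen=True)
class Rule:
    name: str
    action: str
    groups: frozenset
    exe_path: Optional[str] = None
    folder: Optional[str] = None
    publisher: Optional[str] = None
    sha256: Optional[str] = None

    def __post_init__(self):
        # A rule may only refer to an action that exists in the catalog.
        if self.action not in CATALOG:
            raise ValueError(f"unknown action: {self.action}")

    def matches(self, req: Request) -> bool:
        """Every criterion the rule sets must hold (logical AND)."""
        if req.action != self.action:
            return False
        if not (DIRECTORY.get(req.user, set()) & self.groups):
            return False
        if self.exe_path and _norm(req.path) != _norm(self.exe_path):
            return False
        if self.folder:
            # Compare against "folder\" so a sibling such as "DevTools2" fails.
            root = _norm(self.folder).rstrip("\\") + "\\"
            if not _norm(req.path).startswith(root):
                return False
        if self.publisher and req.publisher != self.publisher:
            return False
        if self.sha256 and req.sha256.lower() != self.sha256.lower():
            return False
        return True


# Constructed stand-in for the hash of the one approved installer build.
FIREFOX_V1 = hashlib.sha256(b"constructed installer bytes, version 1").hexdigest()

# Thing #3: policies translated into rules (constructed samples).
RULES = [
    Rule("Road warriors may change the time", "change_time",
         frozenset({"Road Warriors"})),
    Rule("Developers may elevate tools in the DevTools folder", "elevate_app",
         frozenset({"Developers"}), folder=r"C:\Program Files\DevTools"),
    Rule("Finance and Sales may install this Firefox build", "install_software",
         frozenset({"Finance", "Sales"}),
         publisher="Mozilla Corporation", sha256=FIREFOX_V1),
]


def decide(req: Request) -> Optional[str]:
    """Return the name of the first matching rule, or None (default deny)."""
    for rule in RULES:
        if rule.matches(req):
            return rule.name
    return None


def permitted_actions(user: str) -> set:
    """Actions for which at least one rule targets one of the user's roles."""
    roles = DIRECTORY.get(user, set())
    return {r.action for r in RULES if roles & r.groups}


if __name__ == "__main__":
    for user in sorted(DIRECTORY):
        print(user, sorted(permitted_actions(user)))
    print(decide(Request("bob", "change_time")))
    print(decide(Request("alice", "change_time")))
```

Because the Firefox rule sets both a publisher and a hash, a later build from the same publisher is denied until the rule is updated, which is the "valid only for the current version" behaviour the rule description asks for.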
The Privilege Authority Community
www.privilegeauthority.com
• Forums
• Rules Exchange




• DEMO!
Privilege Management is
the Death of Administrator
• Finding the balance between security and user
  productivity requires a granular approach.
   • You can’t get that with Administrator rights alone.
   • You can’t get that with Privilege Management alone.




• It takes a community.
   • Be part of that community…
Resources
• Privilege Authority Community
 www.privilegeauthority.com
• Privilege Authority Pro
 www.scriptlogic.com/pa


• Greg Shields
 www.concentratedtech.com
“SMB IT Simplified”
  www.scriptlogic.com/smbit
  • Real-world articles
  • Industry experts
  • Vendor-agnostic


Connect with us and Win!
Questions?
Tablet
Winner

"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 

Kill Administrator: Fighting Back Against Admin Rights

  • 1. Kill Administrator: Fighting Back Against Admin Rights Dial In: +1 (609) 318-0024 Access Code: 373-855-516 Or use your computer speakers Greg Shields, MVP Nick Cavalancia Partner and Principal Technologist VP, Windows Management www.ConcentratedTech.com ScriptLogic
  • 2. About the Speakers Greg Shields Greg is a Senior Partner and Principal Technologist with Concentrated Technology. He is a Contributing Editor for TechNet Magazine and Redmond Magazine, and a Series Editor for Realtime Publishers. Greg is a sought-after and top-ranked speaker, seen regularly at conferences like TechMentor, Tech Ed, VMworld, and more. He is a multiple recipient of Microsoft's "Most Valuable Professional" award and has received VMware's vExpert award. Nick Cavalancia Nick Cavalancia, MCSE/MCT/MCNE/MCNI, is ScriptLogic’s VP of Windows Management where he assists in driving innovation and the evangelism of ScriptLogic solutions. He has over 17 years of enterprise IT experience and is an accomplished consultant, trainer, speaker, columnist and author. He has authored, co-authored and contributed to over a dozen books on Windows, Active Directory, Exchange and other Microsoft technologies.
  • 3. About ScriptLogic • Founded in 2000 • Focus on 4 key areas: • Desktop Management • Active Directory Management • Server Management • Help Desk Management • Customer Base • 30,800+ customers worldwide • From SMB to Fortune 100 • Headquartered in Boca Raton, Florida • Subsidiary of Quest Software since 2007
  • 4. Privilege Authority • Lowest cost privilege management solution on the market • Two editions:
                             Community Edition     Professional
       Cost                        FREE          Starts at $12/seat
       Access to Community          ✔                   ✔
       Advanced Features                                ✔
       Support Model             Community       Std. Tech. Support
  • 5. Windows’ Necessary Evil. • Administrator privileges are Windows’ unfortunate, but necessary evil. • They were built into Windows. • They aren’t going anywhere. • Standard user rights aren’t powerful enough. • But “the evil” in Administrator creates a problem. • You either have it or you don’t. • Most of us need some subset of Administrator.
  • 6. Your Goal: Kill Administrator • Eliminating “the Administrator” from administrator rights solves three big problems. • Problem One: Getting to Least Privilege • Problem Two: Evolving from On/Off to granular privilege management. • Problem Three: Finding privilege rules that work. • The Windows OS can’t do this. • You’ll need external tools to assist. • More on those tools in a minute.
  • 7. The Principle of Least Privilege • “[The Principle of Least Privilege] requires that… • each subject in a system be granted the most restrictive set of privileges… • …needed for the performance of authorized tasks. • The application of this principle limits the damage that can result from accident, error, or unauthorized use.” Source: U.S. Department of Defense
  • 8. Problem #1: Getting to Least Privilege • Least Privilege requires that… • …each subject in a system be granted the most restrictive set of privileges… • …needed for the performance of authorized tasks. • Least Privilege wants this because… • …its application limits the damage from accident, error, or unauthorized use.
  • 9. Problem #1: Getting to Least Privilege Administrator? What we Have
  • 10. Problem #1: Getting to Least Privilege Change Time? Install Software? Add ActiveX? Config Network? Administrator? Elevate App? Change Properties? What we Have What we Want
  • 11. Problem #1: Getting to Least Privilege • Implementing Least Privilege means thinking outside the box of Windows rights. • It requires collecting a catalog of possible actions a user might need to accomplish. • It involves gathering possible instances of each action: • Which apps to install? • Which properties to allow? • Which apps to elevate? • It means enumerating the possible users, usually by role. • ULTIMATELY: The goal is to map users to those actions and instances.
  • 12. …but isn’t this in Windows?
  • 13. …but isn’t this in Windows? • It is, of a sort: User Account Control. • Where it works: Everyone is a standard user until they need elevation. Only administrators get elevated.
  • 14. …but isn’t this in Windows? • It is, of a sort: User Account Control. • Where it works: Everyone is a standard user until they need elevation. Only administrators get elevated. • Where it fails: Individuals must still be Administrator. UAC is person-centric by nature, Least Privilege is action-centric.
  • 15. Get there with Privilege Authority • GPO-based elevation using • Executable path • Folder path • ActiveX • Digital Certificate • DEMO!
  • 16. Problem #2: Getting the Granularity • Eliminating administrator won’t happen overnight. • Developers need application installations. • Users on the road require special consideration. • Even applications themselves require elevation when they’re not properly coded. • The largest consumer of project time will be in figuring out the mapping between… • Users, possible actions, and permitted actions.
  • 17. Problem #2: Getting the Granularity Change Time? Install Software? Catalog of Actions Add ActiveX? Config Network? Change Elevate App? Properties? Directory of Users List of Policies
  • 18. Problem #2: Getting the Granularity • Thing #1: Catalog of Actions • Changing the time • Installing software • Adding ActiveX Controls • Changing System Properties • Elevating Applications • An effective privilege management solution will deliver this catalog via its administrative console.
  • 19. Problem #2: Getting the Granularity • Thing #2: Directory of Users • This part’s easy… • For most of us, this directory is something we already have through our Active Directory. • The Groups and Organizational Units that already exist in your AD define user roles. • Finance, Sales, Executives, etc.
  • 20. Problem #2: Getting the Granularity • Thing #3: List of Policies • These policies are not technical in nature. • They are procedural in nature. • While your company policies may not be documented in a format that directly translates, you probably have a general understanding of which actions are approved. • Gathering your list of policies and translating them into user actions is the final step in this process.
  • 21. Problem #2: Getting the Granularity Change Time? Install Software? Catalog of Actions Add ActiveX? Config Network? Change Elevate App? Properties? Directory Least of Users Privilege List of Policies
  • 22. …isn’t this also in Windows?
  • 23. …isn’t this also in Windows? • Also true, sort of: AppLocker. • Where it works: Facilitates central control of execution and elevation.
  • 24. …isn’t this also in Windows? • Also true, sort of: AppLocker. • Where it works: Facilitates central control of execution and elevation. • Where it fails: Centers its catalog around executables, MSIs, and scripts. What you need is a catalog of actions.
  • 25. Privilege Authority Targeting • Dynamic targeting based on: • 18 Base criteria • Boolean Operators • DEMO!
  • 26. Problem #3: Rules that Work • Having a catalog of actions is one thing. • Having the entire list of action instances is another.
  • 27. Problem #3: Rules that Work • Just installing a privilege management solution doesn’t automatically bring Least Privilege. • Any solution is a framework within which rules must be created. • That framework enables you to map users to policy-approved actions. • Finding the rules that work is a significant challenge!
  • 28. Problem #3: Rules that Work • SOLUTION: It takes a community. • Getting the rules that work requires the assistance of an entire community of Least Privilege Followers • An effective solution will enable you to share rules with others. • With a clearinghouse of effective rules, populated by others with similar situations, you can quickly find those that work for you. • …then you arrive at Least Privilege much more cleanly and faster!
  • 29. …but who needs a community?
  • 30. …but who needs a community? • Is Google really your friend?
  • 31. …but who needs a community? • Is Google really your friend? • Allow a non-admin user to install an Adobe executable-based installer (such as ending in ".exe") when the installer has been digitally signed by Adobe. • Allow installation of MS Live Meeting Windows Client, protected with publisher cert information. • Allow file operations from the File | Open menu with unrestricted editing, but without enabling 'child processes' because then you can 'run as administrator' and launch executables. • Allow Firefox to be installed to the user's profile without admin rights by matching both a digital certificate and file hash to ensure it is valid only for the current version. • Allow users to run ActiveX controls to view Olsen field webcam. • Allow users to install/update an array of preapproved applications on their own, while giving administrators the ability to create repositories for additional software. • Allow privilege elevation for Security Explorer on Windows 7 to remove the need to specify UAC credentials when the application starts.
  • 32. The Privilege Authority Community www.privilegeauthority.com • Forums • Rules Exchange • DEMO!
  • 33. Privilege Management is the Death of Administrator • Finding the balance between security and user productivity requires a granular approach. • You can’t get that with Administrator rights alone. • You can’t get that with Privilege Management alone. • It takes a community. • Be part of that community…
  • 34. Resources • Privilege Authority Community www.privilegeauthority.com • Privilege Authority Pro www.scriptlogic.com/pa • Greg Shields www.concentratedtech.com
  • 35. “SMB IT Simplified” www.scriptlogic.com/smbit • Real-world articles • Industry experts • Vendor-agnostic Connect with us and Win!
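
The mapping described in slides 11 and 17 to 21 (users by role, a catalog of actions, approved instances), using the criteria named in slides 15 and 31 (executable path, folder path, digital certificate, file hash), sketched as a default-deny rule evaluator. This is an added example, not Privilege Authority's rule engine or code from the presenters; the class names, group names, paths, publisher and hash are constructed assumptions.

```python
import ntpath
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import Optional

def canon(path: str) -> str:
    """Collapse '..' and case so a folder rule cannot be escaped by traversal."""
    return ntpath.normcase(ntpath.normpath(path))

@dataclass(frozen=True)
class Request:
    groups: frozenset                 # AD groups of the requesting user
    path: str                         # executable the user wants elevated
    publisher: Optional[str] = None   # signer, only if the signature verified
    sha256: Optional[str] = None      # hash of the file as computed by the agent

@dataclass(frozen=True)
class Rule:
    name: str
    groups: frozenset                 # roles the rule targets
    path_glob: Optional[str] = None   # executable path or folder path
    publisher: Optional[str] = None   # digital certificate criterion
    sha256: Optional[str] = None      # pins one specific version

    def matches(self, req: Request) -> bool:
        criteria = (self.path_glob, self.publisher, self.sha256)
        if not any(criteria) or not (self.groups & req.groups):
            return False              # empty rules and untargeted users never match
        if self.path_glob and not fnmatchcase(canon(req.path), canon(self.path_glob)):
            return False
        if self.publisher and req.publisher != self.publisher:
            return False
        return not self.sha256 or req.sha256 == self.sha256

def decide(rules, req: Request) -> Optional[str]:
    """Name of the first rule that permits the elevation, else None (default deny)."""
    return next((r.name for r in rules if r.matches(req)), None)

# Constructed policy: group names, paths, publisher and hash are sample values.
RULES = [
    Rule("netops-config-network", frozenset({"NetOps"}), path_glob=r"C:\Tools\netcfg.exe"),
    Rule("dev-approved-folder", frozenset({"Developers"}), path_glob=r"C:\Approved\*"),
    Rule("everyone-browser-pinned", frozenset({"Domain Users"}),
         publisher="Example Browser Corp", sha256="ab" * 32),
]
```

Every criterion a rule sets must match, so the pinned rule stops applying as soon as the file hash changes, which is the behaviour the Firefox rule in slide 31 relies on.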