Free Software Identifies Applications Requiring Administrator Rights

Enterprises can now more easily determine which applications their employees run that require administrative rights, a condition that makes the environment more susceptible to malicious users and viruses and prevents compliance with regulations such as the Sarbanes-Oxley Act and HIPAA. BeyondTrust’s free Application Rights Auditor automatically identifies and reports Windows applications that need elevated user rights.

Once these applications are identified, enterprises can remove users’ administrative rights without any application downtime, creating a more secure and compliant environment and lowering the cost of Windows system administration. The company says that before this tool was released, enterprises had to rescind rights from every user and see which applications broke or to examine each installed application individually.

"Enterprises are quickly waking up to the danger of elevated privileges and the need to remove administrator rights but until now it has been prohibitively time-consuming to identify which applications would break if those rights were removed,” said BeyondTrust CEO John Moyer in a statement. “BeyondTrust Application Rights Auditor automatically identifies which applications require users to have elevated privileges so enterprises can quickly know the actions they need to take to protect themselves and keep employees doing their jobs."

Granting employees elevated rights presents a security risk because it makes malicious software easier to install, thus increasing the potential damage from malware. Administrative rights also allow users to circumvent security policies so they can install unauthorized applications or make unauthorized changes to a standard desktop configuration. Recognizing the problem, the U.S. government now requires administrator rights be removed from Windows desktops at all government agencies as part of the Federal Desktop Core Configuration mandate.

Application Rights Auditor includes a Microsoft Management Console (MMC) snap-in and a desktop component. After the desktop component is installed, it transparently examines applications as they run and sends encrypted log files to a secure server. Centralized reports can be viewed using the MMC.

The company says that the Application Rights Auditor reports increase compliance with Federal Desktop Core Configurations, Sarbanes-Oxley, the PCI Security Standard, and other regulations by providing a clear report of the installed applications that require elevated permissions.

BeyondTrust Application Rights Auditor is available as a free download at http://www.beyondtrust.com/products/ApplicationRightsAuditor.aspx.

The application supports Windows 2000, XP, Vista, Windows Server 2003 and 2008, and 64-bit Windows.

About the Author

This article is courtesy of Enterprise Systems. James E. Powell is editorial director of ESJ.com.

Featured