BeyondTrust Privilege Management for Windows servers reduces the risk of privilege abuse by assigning administrator privileges only to authorised activity. Built-in auditing mechanisms provide application or script usage control, as well as logging and monitoring of user activity.
Features and capabilities
Comprehensive privilege management.
Selective elevation of privileges for specific applications allows administrators to work on standard user accounts and thus reduce the attack surface. The ability to have full control over Windows services and the command prompt minimizes the risk of unauthorized use of elevated privileges.
Full control over applications
Defining approved application lists allows organizations to automate their execution with elevated privileges or enforce the use of one-time codes for high-risk applications.
User activity monitoring
Safely stored, indexed logs of entered strings, recorded activities, and other events using high-privileged accounts allow for full control over Windows systems.
Benefits
Granular control of permissions
Reduce the risk of using unsafe applications by implementing flexible policies that limit user account privileges.
Flexible management options
Manage permission policies using existing solutions such as Active Directory or McAfee EPO.
Quick start
Enforce the principle of least privilege by using predefined policies.
Features
- Elevation of privileges “on demand”, allowing administrators to work without reducing productivity while minimizing the risk associated with working on privileged accounts.
- Precise control over tasks performed by system administrators, including managing services, editing system files and registry, running scripts, patch and software installations.
- Event logs, auditing, and user activity monitoring during privilege elevation to improve analysis and compliance maintenance processes.
- Support for both local sessions and remote administrative connections to servers enhances the security of user account usage in all Windows environments.
