Solved

Application Control/Whitelisting

Posted on 2010-08-24
4
661 Views
Last Modified: 2012-05-10
I'm trying to look for a solution to removing admin rights from end users. I've looked at Beyond Trust and then started looking into Application Whitelisting vendors such as Bit9, Lumension, and McAfee. I'm wanting to see if anyone out here has used any of these solutions or any others for the same reasons or if they have suggestions. Application whitelisting looks to be a more secure and has many more features for us to control our endpoints as they also have Device Control which would be an added bonus. Any input with your experiences removing admin rights or using application whitelisting would be greatly appreciated.
0
Comment
Question by:hpmhelpdesk
  • 2
4 Comments
 
LVL 2

Expert Comment

by:Nirev
ID: 33514172
What have you done so far to limit your users? did you try giving them user level access by changing it under the users in control panel? what kind of limitations are you looking at? In my situations, normally I will drop them to the lowest permissions so that nobody can change any of the computer's contents. Even going as far as preventing access to the local drive. All files and my documents are stored in a network drive.
0
 

Author Comment

by:hpmhelpdesk
ID: 33514839
We are in a domain and so far they have no limits locally but we are looking to change that to user level access and then either using Beyond Trust to elevate rights or use application whitelisting to block unwanted apps and control what they can install.
0
 
LVL 2

Accepted Solution

by:
Nirev earned 500 total points
ID: 33515350
Honestly, there are tons of apps out there to block and to allow. Especially with users, someone will need something unlisted and installed sometime along the way. And figuring out if that application requires administrative rights to run and what not are time consuming and fustrating.

I would recommend that you evaluate the applications that you need to run in administrative mode and how often those are used before investing into such 3rd party admin rights apps, since most of these don't come cheap and the additional hassle to manage. Consider using a spare PC as a common system with virtual pc/os for the department to use should they need to test apps and etc.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question