Kill Administrator:
          Fighting Back Against Admin Rights
                         Dial In: +1 (609) 318-0024
                         Access Code: 373-855-516
                       Or use your computer speakers




     Greg Shields, MVP, Partner and Principal Technologist, www.ConcentratedTech.com
     Nick Cavalancia, VP, Windows Management, ScriptLogic
About the Speakers
       Greg Shields
       Greg is a Senior Partner and Principal Technologist with Concentrated
       Technology. He is a Contributing Editor for TechNet Magazine and Redmond
       Magazine, and a Series Editor for Realtime Publishers. Greg is a sought-after and
       top-ranked speaker, seen regularly at conferences like TechMentor, Tech Ed, VMworld,
       and more. He is a multiple recipient of the Microsoft "Most Valuable Professional"
       award and has received VMware's vExpert award.




       Nick Cavalancia
       Nick Cavalancia, MCSE/MCT/MCNE/MCNI, is ScriptLogic’s VP of Windows
       Management where he assists in driving innovation and the evangelism of
       ScriptLogic solutions. He has over 17 years of enterprise IT experience and is an
       accomplished consultant, trainer, speaker, columnist and author. He has authored,
       co-authored and contributed to over a dozen books on Windows, Active Directory,
       Exchange and other Microsoft technologies.
About ScriptLogic
• Founded in 2000
• Focus on 4 key areas:
   •   Desktop Management
   •   Active Directory Management
   •   Server Management
   •   Help Desk Management
• Customer Base
   • 30,800+ customers worldwide
   • From SMB to Fortune 100
• Headquartered in Boca Raton, Florida
• Subsidiary of Quest Software since 2007
Privilege Authority
• Lowest cost privilege management
  solution on the market
• Two editions:

                            Community Edition     Professional
     Cost                   FREE                  Starts at $12/seat
     Access to Community    ✔                     ✔
     Advanced Features      –                     ✔
     Support Model          Community             Std. Tech. Support
Windows’ Necessary Evil.
• Administrator privileges are Windows’ unfortunate,
  but necessary evil.
   • They were built into Windows.
   • They aren’t going anywhere.
   • Standard user rights aren’t powerful enough.


• But “the evil” in Administrator creates a problem.
   • You either have it or you don’t.
   • Most of us need some subset of Administrator.
Your Goal: Kill Administrator
• Eliminating “the Administrator” from administrator
  rights solves three big problems.
   • Problem One: Getting to Least Privilege
   • Problem Two: Evolving from On/Off to granular privilege
     management.
   • Problem Three: Finding privilege rules that work.


• The Windows OS can’t do this.
• You’ll need external tools to assist.
   • More on those tools in a minute.
The Principle of Least Privilege
• “[The Principle of Least Privilege] requires
  that…
    • each subject in a system be granted the most
      restrictive set of privileges…
    • …needed for the performance of authorized
      tasks.
    • The application of this principle limits the
      damage that can result from accident, error, or
      unauthorized use.”
Source: U.S. Department of Defense
Problem #1: Getting to Least Privilege
• Least Privilege desires for…
   • …each subject in a system be granted the most restrictive
     set of privileges…
   • …needed for the performance of authorized tasks.


• Least Privilege wants this because…
   • …its application limits the damage from accident, error, or
     unauthorized use.
Problem #1: Getting to Least Privilege
[Diagram: what we have today is a single yes/no choice, "Administrator?"]
Problem #1: Getting to Least Privilege
[Diagram: what we have ("Administrator?") versus what we want, one decision per action:
 Change Time? Install Software? Add ActiveX? Config Network? Elevate App? Change Properties?]
Problem #1: Getting to Least Privilege
• Implementing Least Privilege means thinking outside
  the box of Windows rights.
   • It requires collecting a catalog of possible actions a user
     might need to accomplish.
   • It involves gathering possible instances of each action,
      • Which apps to install?
      • Which properties to allow?
      • Which apps to elevate?
   • It means enumerating the possible users, usually by role.
   • ULTIMATELY: It means mapping users onto those actions
     and instances.
…but isn’t this in Windows?
• It is, of a sort: User Account Control.

  • Where it works: Everyone is a standard
    user until they need elevation. Only
    administrators get elevated.
  • Where it fails: Individuals must still be
    Administrator. UAC is person-centric by
    nature, Least Privilege is action-centric.
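The person-centric behaviour described above can be seen directly on a Windows box. The following is an added example written for this page, not code from the deck or from Privilege Authority: it reports whether the current session is elevated, whether the account is still a member of BUILTIN\Administrators behind UAC's filtered token, and which members of the local Administrators group are not on an approved list. The approved names are hypothetical placeholders, and Get-LocalGroupMember assumes Windows 10 / Server 2016 or later.

```powershell
# Added example, not from the deck. Shows why UAC is "person-centric":
# an admin account keeps its Administrators membership in every session;
# UAC only marks that SID "use for deny only" until the user elevates.

$BuiltinAdminsSid = 'S-1-5-32-544'   # well-known SID of BUILTIN\Administrators

function Get-UacTokenState {
    $identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object System.Security.Principal.WindowsPrincipal($identity)
    $adminRole = [System.Security.Principal.WindowsBuiltInRole]::Administrator

    # WindowsIdentity.Groups drops SIDs marked "use for deny only", so ask
    # whoami, which lists every SID in the access token with its attributes.
    $tokenGroups = whoami /groups /fo csv | ConvertFrom-Csv
    $adminsEntry = $tokenGroups | Where-Object { $_.SID -eq $BuiltinAdminsSid }

    [pscustomobject]@{
        User             = $identity.Name
        IsElevated       = $principal.IsInRole($adminRole)      # true only in an elevated process
        MemberOfAdmins   = [bool]$adminsEntry                   # true even in the filtered session
        AdminSidDenyOnly = [bool]($adminsEntry.Attributes -match 'deny only')
    }
}

function Get-UnapprovedLocalAdmins {
    param(
        # Principals allowed to remain in the local Administrators group.
        # These names are hypothetical; substitute your own break-glass and admin groups.
        [string[]]$Approved = @("$env:COMPUTERNAME\Administrator", 'CONTOSO\Domain Admins')
    )
    Get-LocalGroupMember -Group 'Administrators' |
        Where-Object { $Approved -notcontains $_.Name } |
        Select-Object Name, ObjectClass, PrincipalSource
}

Get-UacTokenState | Format-List
Get-UnapprovedLocalAdmins | Format-Table -AutoSize
```

Run from a normal (non-elevated) prompt as a member of Administrators, the first function returns IsElevated false, MemberOfAdmins true and AdminSidDenyOnly true: the rights are still there, UAC has merely parked them. The second function is the "what we have" inventory the slide asks for; anyone it lists is a candidate for removal once their actions have been catalogued.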
Get there with Privilege Authority
• GPO-based elevation using
  •   Executable path
  •   Folder path
  •   ActiveX
  •   Digital Certificate


• DEMO!
Problem #2: Getting the Granularity
• Eliminating administrator won’t happen overnight.
   • Developers need application installations.
   • Users on the road require special consideration.
   • Even applications themselves require elevation when
     they’re not properly coded.


• The largest consumer of project time will be in
  figuring out the mapping between…
   • Users, possible actions, and permitted actions.
Problem #2: Getting the Granularity
[Diagram: three inputs feed the mapping: a Catalog of Actions (Change Time? Install Software?
 Add ActiveX? Config Network? Elevate App? Change Properties?), a Directory of Users, and a
 List of Policies]
Problem #2: Getting the Granularity
• Thing #1: Catalog of Actions
   •   Changing the time
   •   Installing software
   •   Adding ActiveX Controls
   •   Changing System Properties
   •   Elevating Applications


• An effective privilege management solution will
  deliver this catalog via its administrative console.
Problem #2: Getting the Granularity
• Thing #2: Directory of Users
   • This part’s easy…
   • For most of us, this directory is something we already have
     through our Active Directory.




• The Groups and Organizational Units that already
  exist in your AD define user roles.
   • Finance, Sales, Executives, etc.
Problem #2: Getting the Granularity
• Thing #3: List of Policies
   • These policies are not technical in nature.
   • They are procedural in nature.
   • While your company policies may not be documented in a
     format that directly translates, you probably have a
     general understanding of which actions are approved.


• Gathering your list of policies and translating them
  into user actions is the final step in this process.
Problem #2: Getting the Granularity
[Diagram: the Catalog of Actions (Change Time? Install Software? Add ActiveX? Config Network?
 Elevate App? Change Properties?), the Directory of Users and the List of Policies combine
 into Least Privilege]
…isn’t this also in Windows?
• Also true, sort of: AppLocker.

  • Where it works: Facilitates central control,
    through Group Policy, of which executables,
    installers and scripts are allowed to run.
  • Where it fails: Centers its catalog around
    executables, MSIs, and scripts, and only decides
    whether a file may run, never whether it runs
    elevated. What you need is a catalog of actions.
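To make the AppLocker comparison concrete, here is an added example (written for this page, not from the deck or from Privilege Authority) that builds rules for one installer with the stock AppLocker cmdlets: a Publisher rule if the file is signed, otherwise a Hash rule, written to XML, then checked with a dry run before anything is deployed. The installer path, output path and group name are hypothetical.

```powershell
# Added example, not from the deck. AppLocker's "catalog" is a list of files
# (publisher, hash or path), never of actions, and it decides only whether a
# file may run; the user still needs admin rights for the install itself.
Import-Module AppLocker

$Installer = 'C:\Installers\VendorSetup.exe'     # hypothetical
$PolicyXml = "$env:TEMP\installer-rules.xml"
$Group     = 'CONTOSO\Desktop Users'             # hypothetical AD group

$fileInfo = Get-AppLockerFileInformation -Path $Installer

# RuleType is a preference order: a Publisher rule when the file carries a
# valid signature, otherwise a Hash rule, which must be re-issued for every
# new version of the file.
New-AppLockerPolicy -FileInformation $fileInfo -RuleType Publisher, Hash `
    -RuleNamePrefix 'Installers' -User $Group -Xml |
    Out-File -FilePath $PolicyXml -Encoding utf8

# Dry run before deploying: is this file allowed for that group under the new rules?
Test-AppLockerPolicy -XmlPolicy $PolicyXml -Path $Installer -User $Group |
    Select-Object FilePath, PolicyDecision, MatchingRule

# Apply by merging into the local policy, or into a GPO with -Ldap 'LDAP://...'.
# Start in AuditOnly enforcement: without the default rules, Enforce blocks
# every file the new rules do not cover.
# Set-AppLockerPolicy -XmlPolicy $PolicyXml -Merge
```

Note what the policy does not say: nothing in the XML expresses "may install software" or "may change the time". A Publisher rule admits every binary that vendor has ever signed, a Hash rule admits exactly one build, and neither changes the token the file runs under.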
Privilege Authority Targeting
• Dynamic targeting based on:
  • 18 Base criteria
  • Boolean Operators




• DEMO!
Problem #3: Rules that Work
• Having a catalog of actions is one thing.
• Having the entire list of action instances is another.
Problem #3: Rules that Work
• Just installing a privilege management solution
  doesn’t automatically bring Least Privilege.
   • Any solution is a framework within which rules must be
     created.
   • That framework enables you to map users to policy-
     approved actions.


• Finding the rules that work is a significant challenge!
Problem #3: Rules that Work
• SOLUTION: It takes a community.
  • Getting the rules that work requires the assistance of an
    entire community of Least Privilege followers.
  • An effective solution will enable you to share rules with
    others.
  • With a clearinghouse of effective rules, populated by
    others with similar situations, you can quickly find those
    that work for you.
  • …then you arrive at Least Privilege much more cleanly and
    faster!
…but who needs a community?
• Is Google really your friend?
  •   Allow a non-admin user to install an Adobe executable based installer (such as ending in
      ".exe") when the installer has been digitally signed by Adobe.
  •   Allow installation of MS Live Meeting Windows Client, protected with publisher cert
      information.
  •   Allow file operations from the File | Open menu with unrestricted editing, but without
      enabling 'child processes' because then you can 'run as administrator' and launch
      executables.
  •   Allow Firefox to be installed to the users profile without admin rights by matching both a
      digital certificate and file hash to ensure it is valid only for the current version.
  •   Allow users to run ActiveX controls to view Olsen field webcam.
  •   Allow users to install/update an array of preapproved applications on their own, while
      giving administrators the ability to create repositories for additional software.
  •   Allow privilege elevation for Security Explorer on Windows 7 to remove the need to
      specify UAC credentials when the application starts.
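Several of the rules above reduce to the same check: elevate an installer only if its Authenticode signature is valid, the signer is the vendor you approved, and (where the rule must "be valid only for the current version") its hash matches a pinned release. The function below is an added example written for this page, not code from the deck, from Privilege Authority or from any of the rule authors; the installer path, signer subject and approved-copy location are hypothetical.

```powershell
# Added example, not from the deck. The verification behind "signed by the
# vendor" and "digital certificate plus file hash" rules.
function Test-ApprovedInstaller {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $ExpectedSubject,   # full X.500 subject of the approved signer
        [string] $ExpectedSha256                            # optional: pin to exactly one release
    )
    function Deny([string]$Why) {
        [pscustomobject]@{ Path = $Path; Approved = $false; Reason = $Why }
    }

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) { return Deny 'file not found' }

    $sig = Get-AuthenticodeSignature -FilePath $Path
    # Anything other than Valid (NotSigned, HashMismatch, NotTrusted, ...) is a
    # refusal: a tampered or unsigned binary must never be elevated on the
    # strength of its file name or folder.
    if ($sig.Status -ne 'Valid') { return Deny "signature status $($sig.Status)" }

    # Compare the whole subject, not a substring: -like '*Adobe*' would also
    # accept a certificate issued to a look-alike organisation name.
    if ($sig.SignerCertificate.Subject -ne $ExpectedSubject) {
        return Deny "unexpected signer: $($sig.SignerCertificate.Subject)"
    }

    if ($ExpectedSha256) {
        $hash = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
        if ($hash -ne $ExpectedSha256) { return Deny "hash $hash does not match the pinned release" }
    }

    [pscustomobject]@{ Path = $Path; Approved = $true; Reason = 'signature, signer and hash verified' }
}

# Hypothetical usage. Record the hash once from a copy you obtained and
# verified yourself; later copies must match it to be elevated.
$pinned = (Get-FileHash -LiteralPath 'C:\Approved\VendorSetup.exe' -Algorithm SHA256).Hash

Test-ApprovedInstaller -Path 'C:\Installers\VendorSetup.exe' `
    -ExpectedSubject 'CN=Example Vendor Inc., O=Example Vendor Inc., L=Springfield, S=Illinois, C=US' `
    -ExpectedSha256 $pinned
```

Two practical caveats. A signer's subject changes when the vendor's certificate is renewed, so a subject-only rule needs revisiting at renewal, while a hash-pinned rule expires with every product update. And, as the File | Open rule in the list above notes, whatever you elevate must not be allowed to spawn child processes: a file dialog inside an elevated process is a full administrator shell for anyone who right-clicks "Run as administrator".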
The Privilege Authority Community
www.privilegeauthority.com
• Forums
• Rules Exchange




• DEMO!
Privilege Management is
the Death of Administrator
• Finding the balance between security and user
  productivity requires a granular approach.
   • You can’t get that with Administrator rights alone.
   • You can’t get that with Privilege Management alone.




• It takes a community.
   • Be part of that community…
Resources
• Privilege Authority Community
 www.privilegeauthority.com
• Privilege Authority Pro
 www.scriptlogic.com/pa


• Greg Shields
 www.concentratedtech.com
“SMB IT Simplified”
  www.scriptlogic.com/smbit
  • Real-world articles
  • Industry experts
  • Vendor-agnostic


Connect with us and Win!
Questions?
Tablet Winner

More Related Content

What's hot

Monitor & Manage Citrix App Performance Using Microsoft SCOM
Monitor & Manage Citrix App Performance Using Microsoft SCOMMonitor & Manage Citrix App Performance Using Microsoft SCOM
Monitor & Manage Citrix App Performance Using Microsoft SCOM
eG Innovations
 
A Citrix Masterclass
A Citrix MasterclassA Citrix Masterclass
A Citrix Masterclass
bluechipper
 
Desktop virtualisation
Desktop virtualisationDesktop virtualisation
Desktop virtualisation
BlueChipICT
 

What's hot (20)

Effective Patch and Software Update Management
Effective Patch and Software Update ManagementEffective Patch and Software Update Management
Effective Patch and Software Update Management
 
4 Best Practices for Delivering Exceptional VDI User Experience
4 Best Practices for Delivering Exceptional VDI User Experience4 Best Practices for Delivering Exceptional VDI User Experience
4 Best Practices for Delivering Exceptional VDI User Experience
 
Citrix and Desktop Migration Success
Citrix and Desktop Migration SuccessCitrix and Desktop Migration Success
Citrix and Desktop Migration Success
 
Event Driven Architectures - Net Conf UY 2018
Event Driven Architectures - Net Conf UY 2018Event Driven Architectures - Net Conf UY 2018
Event Driven Architectures - Net Conf UY 2018
 
Is Citrix Cloud Enterprise Ready? Best Practices to Get the Most Out of Citri...
Is Citrix Cloud Enterprise Ready? Best Practices to Get the Most Out of Citri...Is Citrix Cloud Enterprise Ready? Best Practices to Get the Most Out of Citri...
Is Citrix Cloud Enterprise Ready? Best Practices to Get the Most Out of Citri...
 
Troubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote WorkersTroubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote Workers
 
Event Driven Architecture – Enabling Microservices
Event Driven Architecture – Enabling MicroservicesEvent Driven Architecture – Enabling Microservices
Event Driven Architecture – Enabling Microservices
 
VMworld 2013: VMware Mirage 201
VMworld 2013: VMware Mirage 201VMworld 2013: VMware Mirage 201
VMworld 2013: VMware Mirage 201
 
Ensure The Success of VMware Horizon View Deployments
Ensure The Success of VMware Horizon View DeploymentsEnsure The Success of VMware Horizon View Deployments
Ensure The Success of VMware Horizon View Deployments
 
How to Ensure High-Performing Microsoft .NET Applications
How to Ensure High-Performing Microsoft .NET ApplicationsHow to Ensure High-Performing Microsoft .NET Applications
How to Ensure High-Performing Microsoft .NET Applications
 
Java / Opening Open Source the Jenkins Way - Nicolas de Loof, CloudBees
Java / Opening Open Source the Jenkins Way - Nicolas de Loof, CloudBeesJava / Opening Open Source the Jenkins Way - Nicolas de Loof, CloudBees
Java / Opening Open Source the Jenkins Way - Nicolas de Loof, CloudBees
 
How to Manage Digital User Experience for Web Applications
How to Manage Digital User Experience for Web ApplicationsHow to Manage Digital User Experience for Web Applications
How to Manage Digital User Experience for Web Applications
 
7 Secrets to Becoming a Citrix Hero
7 Secrets to Becoming a Citrix Hero7 Secrets to Becoming a Citrix Hero
7 Secrets to Becoming a Citrix Hero
 
Monitor & Manage Citrix App Performance Using Microsoft SCOM
Monitor & Manage Citrix App Performance Using Microsoft SCOMMonitor & Manage Citrix App Performance Using Microsoft SCOM
Monitor & Manage Citrix App Performance Using Microsoft SCOM
 
Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...
Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...
Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...
 
A Citrix Masterclass
A Citrix MasterclassA Citrix Masterclass
A Citrix Masterclass
 
Desktop virtualisation
Desktop virtualisationDesktop virtualisation
Desktop virtualisation
 
Best Practices for Troubleshooting Slow Citrix Logon and Ensuring Excellent U...
Best Practices for Troubleshooting Slow Citrix Logon and Ensuring Excellent U...Best Practices for Troubleshooting Slow Citrix Logon and Ensuring Excellent U...
Best Practices for Troubleshooting Slow Citrix Logon and Ensuring Excellent U...
 
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
 
Does Using Citrix Cloud Make Performance Monitoring Easier?
Does Using Citrix Cloud Make Performance Monitoring Easier?Does Using Citrix Cloud Make Performance Monitoring Easier?
Does Using Citrix Cloud Make Performance Monitoring Easier?
 

Similar to Kill Administrator: Fighting Back Against Admin Rights

Application hardening
Application hardeningApplication hardening
Application hardening
Jayesh Naik
 
Green hopper webinar(1)
Green hopper webinar(1)Green hopper webinar(1)
Green hopper webinar(1)
Cprime
 

Similar to Kill Administrator: Fighting Back Against Admin Rights (20)

Administrator Privileges: Finding Balance between desktop security & user pro...
Administrator Privileges: Finding Balance between desktop security & user pro...Administrator Privileges: Finding Balance between desktop security & user pro...
Administrator Privileges: Finding Balance between desktop security & user pro...
 
Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021
Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021
Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021
 
Citrix troubleshooting 101
Citrix troubleshooting 101Citrix troubleshooting 101
Citrix troubleshooting 101
 
Solving 4 of Active Directory Management’s Biggest Problems with Simple Solut...
Solving 4 of Active Directory Management’s Biggest Problems with Simple Solut...Solving 4 of Active Directory Management’s Biggest Problems with Simple Solut...
Solving 4 of Active Directory Management’s Biggest Problems with Simple Solut...
 
The “Other” 5 Things You Need to Care About in Active Directory
The “Other” 5 Things You Need to Care About in Active DirectoryThe “Other” 5 Things You Need to Care About in Active Directory
The “Other” 5 Things You Need to Care About in Active Directory
 
Why retail companies can't afford database downtime
Why retail companies can't afford database downtimeWhy retail companies can't afford database downtime
Why retail companies can't afford database downtime
 
OOSE UNIT-1.pdf
OOSE UNIT-1.pdfOOSE UNIT-1.pdf
OOSE UNIT-1.pdf
 
Making software development processes to work for you
Making software development processes to work for youMaking software development processes to work for you
Making software development processes to work for you
 
From silex to symfony and viceversa
From silex to symfony and viceversaFrom silex to symfony and viceversa
From silex to symfony and viceversa
 
Citrix Troubleshooting 101
Citrix Troubleshooting 101Citrix Troubleshooting 101
Citrix Troubleshooting 101
 
Kku2011
Kku2011Kku2011
Kku2011
 
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
 
Application hardening
Application hardeningApplication hardening
Application hardening
 
XPages: You Know the 'How to'. Now Learn the 'Why and What'.
XPages: You Know the 'How to'. Now Learn the 'Why and What'.XPages: You Know the 'How to'. Now Learn the 'Why and What'.
XPages: You Know the 'How to'. Now Learn the 'Why and What'.
 
Introduction To Software Concepts Unit 1 & 2
Introduction To Software Concepts Unit 1 & 2Introduction To Software Concepts Unit 1 & 2
Introduction To Software Concepts Unit 1 & 2
 
Green hopper webinar(1)
Green hopper webinar(1)Green hopper webinar(1)
Green hopper webinar(1)
 
2010-03 Yesterday's Trusted Web Sites are Today's Malicious Servers
2010-03 Yesterday's Trusted Web Sites are Today's Malicious Servers2010-03 Yesterday's Trusted Web Sites are Today's Malicious Servers
2010-03 Yesterday's Trusted Web Sites are Today's Malicious Servers
 
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
 
Continuous delivery
Continuous deliveryContinuous delivery
Continuous delivery
 
DNN-Connect 2019: DNN Horror Stories
DNN-Connect 2019: DNN Horror StoriesDNN-Connect 2019: DNN Horror Stories
DNN-Connect 2019: DNN Horror Stories
 

Recently uploaded

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Recently uploaded (20)

Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational Performance
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

Kill Administrator: Fighting Back Against Admin Rights

  • 1. Kill Administrator: Fighting Back Against Admin Rights Dial In: +1 (609) 318-0024 Access Code: 373-855-516 Or use your computer speakers Greg Shields, MVP Nick Cavalancia Partner and Principal Technologist VP, Windows Management www.ConcentratedTech.com ScriptLogic
  • 2. About the Speakers Greg Shields Greg is a Senior Partner and Principal Technologist with Concentrated Technology. He is a Contributing Editor for TechNet Magazine and Redmond Magazine, and a Series Editor for Realtime Publishers. Greg is a sought-after and top- ranked speaker, seen regularly at conferences like TechMentor, Tech Ed, VMworld, and more. He is a multiple recipient of Microsoft "Most Valuable Professional" award with has received VMware's vExpert award. Nick Cavalancia Nick Cavalancia, MCSE/MCT/MCNE/MCNI, is ScriptLogic’s VP of Windows Management where he assists in driving innovation and the evangelism of ScriptLogic solutions. He has over 17 years of enterprise IT experience and is an accomplished consultant, trainer, speaker, columnist and author. He has authored, co-authored and contributed to over a dozen books on Windows, Active Directory, Exchange and other Microsoft technologies.
  • 3. About ScriptLogic • Founded in 2000 • Focus on 4 key areas: • Desktop Management • Active Directory Management • Server Management • Help Desk Management • Customer Base • 30,800+ customers worldwide • From SMB to Fortune 100 • Headquartered in Boca Raton, Florida • Subsidiary of Quest Software since 2007
  • 4. Privilege Authority • Lowest cost privilege management solution on the market • Two editions: Community Edition Professional Cost FREE Starts at $12/seat Access to Community ✔ ✔ Advanced Features ✔ Support Model Community Std. Tech. Support
  • 5. Windows’ Necessary Evil. • Administrator privileges are Windows’ unfortunate, but necessary evil. • They were built into Windows. • They aren’t going anywhere. • Standard user rights aren’t powerful enough. • But “the evil” in Administrator creates a problem. • You either have it or you don’t. • Most of us need some subset of Administrator.
  • 6. Your Goal: Kill Administrator • Eliminating “the Administrator” from administrator rights solves three big problems. • Problem One: Getting to Least Privilege • Problem Two: Evolving from On/Off to granular privilege management. • Problem Three: Finding privilege rules that work. • The Windows OS can’t do this. • You’ll need external tools to assist. • More on those tools in a minute.
  • 7. The Principle of Least Privilege • “[The Principle of Least Privilege] requires that… • each subject in a system be granted the most restrictive set of privileges… • …needed for the performance of authorized tasks. • The application of this principle limits the damage that can result from accident, error, or unauthorized use.” Source: U.S. Department of Defense
  • 8. Problem #1: Getting to Least Privilege • Least Privilege desires for… • …each subject in a system be granted the most restrictive set of privileges… • …needed for the performance of authorized tasks. • Least Privilege wants this because… • …its application limits the damage from accident, error, or unauthorized use.
  • 9. Problem #1: Getting to Least Privilege Administrator? What we Have
  • 10. Problem #1: Getting to Least Privilege Change Time? Install Software? Add ActiveX? Config Network? Administrator? Elevate App? Change Properties? What we Have What we Want
  • 11. Problem #1: Getting to Least Privilege • Implementing Least Privilege means thinking outside the box of Windows rights. • It requires collecting a catalog of possible actions a user might need to accomplish. • It involves gathering possible instances of each action, • Which apps to install? • Which properties to allow? • Which apps to elevate? • It means enumerating the possible users, usually by role. • ULTIMATELY: It desires mapping users into those actions and instances.
  • 12. …but isn’t this in Windows?
  • 13. …but isn’t this in Windows? • It is, of a sort: User Account Control. • Where it works: Everyone is a standard user until they need elevation. Only administrators get elevated.
  • 14. …but isn’t this in Windows? • It is, of a sort: User Account Control. • Where it works: Everyone is a standard user until they need elevation. Only administrators get elevated. • Where it fails: Individuals must still be Administrator. UAC is person-centric by nature, Least Privilege is action-centric.
  • 15. Get there with Privilege Authority • GPO-based elevation using • Executable path • Folder path • ActiveX • Digital Certificate • DEMO!
  • 16. Problem #2: Getting the Granularity • Eliminating administrator won’t happen overnight. • Developers need application installations. • Users on the road require special consideration. • Even applications themselves require elevation when they’re not properly coded. • The largest consumer of project time will be in figuring out the mapping between… • Users, possible actions, and permitted actions.
  • 17. Problem #2: Getting the Granularity Change Time? Install Software? Catalog of Actions Add ActiveX? Config Network? Change Elevate App? Properties? Directory of Users List of Policies
  • 18. Problem #2: Getting the Granularity • Thing #1: Catalog of Actions • Changing the time • Installing software • Adding ActiveX Controls • Changing System Properties • Elevating Applications • An effective privilege management solution will deliver this catalog via its administrative console.
  • 19. Problem #2: Getting the Granularity • Thing #2: Directory of Users • This part’s easy… • For most of us, this directory is something we already have through our Active Directory. • The Groups and Organizational Units that already exist in your AD define user roles. • Finance, Sales, Executives, etc.
• 20. Problem #2: Getting the Granularity
   • Thing #3: List of Policies
   • These policies are not technical in nature.
   • They are procedural in nature.
   • While your company policies may not be documented in a format that directly translates, you probably have a general understanding of which actions are approved.
   • Gathering your list of policies and translating them into user actions is the final step in this process.
• 21. Problem #2: Getting the Granularity
   [Diagram: the same three inputs, "Catalog of Actions" (Change Time? Install Software? Add ActiveX? Config Network? Change Properties? Elevate App?), "Directory of Users", and "List of Policies", with "Least Privilege" at their intersection.]
• 22–24. …isn’t this also in Windows?
   • Also true, sort of: AppLocker.
   • Where it works: Facilitates central control of execution and elevation.
   • Where it fails: Centers its catalog around executables, MSIs, and scripts. What you need is a catalog of actions.
• 25. Privilege Authority Targeting
   • Dynamic targeting based on:
      • 18 Base criteria
      • Boolean Operators
   • DEMO!
• 26. Problem #3: Rules that Work
   • Having a catalog of actions is one thing.
   • Having the entire list of action instances is another.
• 27. Problem #3: Rules that Work
   • Just installing a privilege management solution doesn’t automatically bring Least Privilege.
   • Any solution is a framework within which rules must be created.
   • That framework enables you to map users to policy-approved actions.
   • Finding the rules that work is a significant challenge!
• 28. Problem #3: Rules that Work
   • SOLUTION: It takes a community.
   • Getting the rules that work requires the assistance of an entire community of Least Privilege Followers.
   • An effective solution will enable you to share rules with others.
   • With a clearinghouse of effective rules, populated by others with similar situations, you can quickly find those that work for you.
   • …then you arrive at Least Privilege much more cleanly and faster!
• 29–31. …but who needs a community?
   • Is Google really your friend?
   • Allow a non-admin user to install an Adobe executable-based installer (such as one ending in ".exe") when the installer has been digitally signed by Adobe.
   • Allow installation of MS Live Meeting Windows Client, protected with publisher cert information.
   • Allow file operations from the File | Open menu with unrestricted editing, but without enabling 'child processes' because then you can 'run as administrator' and launch executables.
   • Allow Firefox to be installed to the user’s profile without admin rights by matching both a digital certificate and file hash to ensure it is valid only for the current version.
   • Allow users to run ActiveX controls to view Olsen field webcam.
   • Allow users to install/update an array of preapproved applications on their own, while giving administrators the ability to create repositories for additional software.
   • Allow privilege elevation for Security Explorer on Windows 7 to remove the need to specify UAC credentials when the application starts.
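The rule model behind slides 15, 25 and 31 (criteria such as executable path, folder path, digital certificate and file hash, combined with Boolean operators and targeted at roles) is shown below as a small evaluator. This is an added illustration, not Privilege Authority's own code; the rule names, group names, publisher strings and hashes are constructed, and a real rule would bind the publisher to a verified Authenticode signature rather than a plain string.

```python
import hashlib
from dataclasses import dataclass

# Constructed stand-ins for "the current Firefox installer" and a newer build.
FIREFOX_CURRENT = hashlib.sha256(b"constructed: firefox installer, current build").hexdigest()
FIREFOX_NEXT = hashlib.sha256(b"constructed: firefox installer, newer build").hexdigest()

@dataclass(frozen=True)
class ElevationRequest:
    user_groups: frozenset      # AD groups the requesting user belongs to
    path: str                   # full path of the executable being launched
    publisher: str              # verified Authenticode signer subject, "" when unsigned
    sha256: str                 # hash of the file on disk

@dataclass(frozen=True)
class Rule:
    name: str
    target_groups: frozenset    # roles (AD groups) this rule applies to
    path_prefix: str = ""       # executable or folder path criterion
    publisher: str = ""         # digital certificate criterion
    sha256: str = ""            # file hash criterion: pins one exact version
    require_all: bool = True    # AND the criteria that are set; False means OR

    def matches(self, req: ElevationRequest) -> bool:
        if not (req.user_groups & self.target_groups):
            return False        # rule is not targeted at this user's role
        checks = []
        if self.path_prefix:
            checks.append(req.path.lower().startswith(self.path_prefix.lower()))
        if self.publisher:
            checks.append(req.publisher == self.publisher)
        if self.sha256:
            checks.append(req.sha256.lower() == self.sha256.lower())
        if not checks:          # a rule with no criteria elevates nothing
            return False
        return all(checks) if self.require_all else any(checks)

def decide(rules, req):
    """Return ('elevate', [matching rule names]) or ('deny', [])."""
    hits = [r.name for r in rules if r.matches(req)]
    return ("elevate", hits) if hits else ("deny", [])

RULES = [
    # Slide 31: any .exe signed by Adobe, for every domain user.
    Rule("Adobe signed installers", frozenset({"Domain Users"}),
         publisher="CN=Adobe Systems (constructed)"),
    # Slide 31: Firefox into the user's profile, cert AND hash, so only the current version.
    Rule("Firefox to user profile", frozenset({"Finance", "Sales"}),
         path_prefix="C:\\Users\\", publisher="CN=Mozilla (constructed)", sha256=FIREFOX_CURRENT),
]
```

Because the Firefox rule pins the hash, the same signed installer is denied as soon as a new build ships, which is exactly the "valid only for the current version" behaviour the slide describes and the reason such rules need ongoing maintenance.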
• 32. The Privilege Authority Community
   • www.privilegeauthority.com
   • Forums
   • Rules Exchange
   • DEMO!
• 33. Privilege Management is the Death of Administrator
   • Finding the balance between security and user productivity requires a granular approach.
   • You can’t get that with Administrator rights alone.
   • You can’t get that with Privilege Management alone.
   • It takes a community.
   • Be part of that community…
• 34. Resources
   • Privilege Authority Community: www.privilegeauthority.com
   • Privilege Authority Pro: www.scriptlogic.com/pa
   • Greg Shields: www.concentratedtech.com
• 35. “SMB IT Simplified”
   • www.scriptlogic.com/smbit
   • Real-world articles
   • Industry experts
   • Vendor-agnostic
   • Connect with us and Win!