BeyondTrust, a leading cybersecurity company dedicated to preventing privilege misuse and stopping unauthorised access, has announced two new features in PowerBroker for Windows that help IT administrators manage privileged access by automating their security policies.
With an increase in stolen credentials as the cause of many of today’s data breaches and hacking attacks, according to the Verizon 2018 Data Breach Investigations Report, organisations must remain vigilant in their execution of security policies across the enterprise. Considering the sheer volume of potential endpoints an organisation must manage when implementing least privilege rules and the complexities associated with developing rules based on users’ needs and privileged elevation requirements, an automated solution speeds the time to value and reduces the risk of inconsistent or incomplete policies.
PowerBroker Policy Accelerator, a new and revolutionary capability of the PowerBroker for Windows solution, intelligently identifies new applications and privilege elevation requirements based on real activities in the network and user event logs and subsequently automates the process of defining and generating the necessary policy rules.
Additionally, PowerBroker for Windows version 7.5 includes enhanced protections against rogue scripts by allowing only those with an approved signature and other specified criteria to run. This capability is essential for scripts that manage configurations or provide privileged access to resources.
Combined with application-to-application scripts like those used with PowerBroker Password Safe, companies can validate whether a script has been tampered with before it is granted authorisation for password or application use. This enhancement not only helps administrators and users, but also helps next-generation initiatives for DevOps automate Windows environments embarking on digital transformation journeys.
PowerBroker for Windows version 7.5 now also supports Microsoft Windows Update of April 10, allowing IT admins to remain up to date on the latest Windows OS. This compatibility update demonstrates BeyondTrust’s commitment to staying in lockstep with the Microsoft community.
With the latest version of PowerBroker for Windows, IT administrators can achieve the following:
- Reduced attack surfaces – Decrease attack surfaces by removing admin rights from end users and employing fine-grained policy controls for all privileged access
- Continuous monitoring – Monitor and audit sessions for unauthorised access and/or changes to files, directories and lateral movement
- Analyse behaviour – Detect suspicious users, accounts and asset activities through behaviour analysis and vulnerability-based application management (VBAM)
“Discovering, creating, and testing least privilege policies can be a challenge for many of today’s enterprises,” said Morey Haber, CTO, BeyondTrust. “IT teams are often tasked with evaluating multiple systems and understanding a wide array of users’ needs in order to determine the privileged elevation requirements and the necessary system parameters.
“What’s more, much of this work is done in test environments and doesn’t take into account all of the real-world scenarios that can happen. With the new PowerBroker Policy Accelerator feature, organisations can quickly find the elevation requirements, and then test and save required rules on the fly, while maintaining consistency without sacrificing compliance.”
PowerBroker for Windows version 7.5, including the free Policy Accelerator capability, is available now along with support for the latest versions of Windows 10.