User environment security


The Desktop Authority Management Suite offers a range of Windows security options to help you control access and maintain endpoint security.

Lock down endpoints.

Secure user environments aren't only about the software and permissions configured for a user. They're also about the devices each user can introduce into that configuration. The Desktop Authority USB and Port Security component controls both device usage (like flash drives, printers, cameras and mobile devices) as well as port access (such as serial, infrared, USB and more)—all according to each user's unique levels of authentication and access. Choose which level of access you provide by targeting Read, Write, Full Access or Full Deny.

Set policy with intelligent USB whitelisting/blacklisting.

The USB and Port Security component allows you to either set policy through whitelists (blocking everything and then explicitly allowing certain devices) or through blacklists (where the disallowed devices are explicitly entered).

Elevate Windows operations and provide flexibility to users.

Some Windows features, even those as simple as changing the time or time zone, require administrative privileges. Empower users to work more and wait less by elevating rights on specific processes with Privilege Manager. Easily elevate the features they need but keep the rest locked down.

Discover applications that require elevated privileges.

Privilege Manager can be run in discovery mode to discover which applications being used require administrative privileges. Once discovered, it is simple to create privilege elevation rules so users can use applications without disruption.

Grant user rights to update and install trusted apps securely.

Allow users to install the latest version of Adobe Reader or apply the latest Java update themselves with Privilege Manager. At the same time, maintain endpoint security by preventing installation of viruses and unwanted apps. Also provide users with the ability to request elevated privileges when needed, sending a request to the administrator to deny or approve, then notifying the user once processed.

Verify that applications are approved for administrative privileges.

Privilege Manager can use several methods to determine that an application is really the one intended for elevated privileges. Create elevation rules specific to an application vendor/publisher based on their digital certificate to ensure only trusted applications are launched and/or elevated for users. Privilege Manager can also use the file hash to protect against users who rename files in the hopes they can elevate a different application.