Marzo 2006

Winternals Protection Manager™ Secures the Windows Enterprise with the Least Privileged User Approach

Winternals Software®, a leading provider of systems availability and protection solutions, today announced that Protection Manager enables a secure least privilege environment for the Windows enterprise. Protection Manager allows the migration of Windows users from the Administrators or Power Users groups to the Users group, eliminating the dangers produced by users running with administrative rights.

"Establishing a 'least privilege' environment is fundamental to countering the threat of malicious software," said Edwin Brasch, president and CEO of Winternals. "Protection Manager’s ability to reduce end-user security privileges to the minimum level necessary without disrupting legacy or line-of-business applications that require administrative privileges reduces exposure to both high-risk known applications and malicious applications."

Protection Manager is a proactive Windows enterprise security solution that can adjust application privileges in real-time and block all applications not specifically authorized to run. Users who must run as local administrators can reduce the risk of high-exposure applications (such as web browsers and instant messaging software) by running those applications with Limited User privileges, and legacy applications can be elevated to run with administrative rights even for members of the local Users group who require access to these applications.

The common practice of granting users administrative rights on their client computers significantly increases vulnerability to malicious applications and external attackers. When users run with local administrative rights any applications they access, such as web browsers or instant messaging programs, also run with administrative rights. These users can unintentionally introduce malicious software onto their systems through such actions as visiting a compromised web site or opening an attachment via IM that may contain a malicious application. Once malicious software has been activated it can cause systems to become inaccessible, destroy data, and spread throughout the network.

The ability to adjust security privileges is not currently available in Microsoft Windows. Future Windows versions will permit user privileges to be elevated and reduced, to a degree. However, elevation will be conducted manually at the discretion of the user and, unlike Protection Manager, cannot be centrally managed throughout the enterprise by the IT staff. Protection Manager is also available today, for Windows 2000, Windows XP, and Windows Server 2003.

“Moving all of my end-users out of the ‘Administrators’ group is a security no-brainer,” said Robert Guidarini, IT Manager for Clear Channel Communications. “But with legacy apps that need administrative rights and a stack of productivity obstacles it simply wasn't feasible. With Protection Manager, we can do it, and it works.”