Neil MacDonald

A member of the Gartner Blog Network

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Coverage Areas:

Even With Windows 7, Privilege Management Tools May be Needed

by Neil MacDonald  |  April 8, 2011  |  Comments Off

One of the top recommendations I made to increase your security “bang for the buck” in 2011 was to increase the percentage of users that run without administrative access.

For clients, we’ve recently published a research note that details the best practices for removing administrator rights from Windows users.

One of the best practices is to use the migration to Windows 7 as a catalyst to remove administrator rights. Windows 7 helps the removal of administrator rights with a set of technologies under the umbrella brand of “User Account Control”; however, UAC has it own set of pros and cons.

Many clients have reached the conclusion that a third party privilege management tool will be required to help with the removal of administrator rights – at least for some percentage of their users.

The good news is that there are multiple competing vendors that provide this capability:

  • Altiris (Symantec) – as a feature within its application control offering, sold separately on request
  • AppSense – as a feature within its application manager offering but not sold separately
  • Avecto
  • BeyondTrust
  • ScriptLogic
  • Windows “Run As” (requires administrator credentials)
  • Viewfinity

Note that ScriptLogic has moved beyond its free, community-supported offering to an enterprise version that includes support and more features.

If you are a client, give me a call if you want to talk through these solutions and whether or not they are required with your Windows 7 deployment.

Comments Off

Category: Microsoft Security Windows 7     Tags: , , ,