BeyondTrust Announces Vista UAC Security that Works for the Enterprise

Privilege Manager 4.0 is First to Use Group Policy to Manage Vista Integrity Levels; New Rules Ease Privilege Management of Developers, Laptop Users and Other Groups

PORTSMOUTH, NH.-- May 5, 2008 --BeyondTrust Corporation today announced a new version of its flagship Least Privilege Management product, BeyondTrust Privilege Manager 4.0, the first product to use Group Policy to manage Vista Integrity Levels. Privilege Manager now enables customers to set the integrity level of an application process to create an enhanced Least Privilege security environment. Privilege Manager 4.0 also provides new on-demand capabilities that enable authorized users to elevate the privileges of applications not previously specified, complementing the product's ability to manage privileges for specified processes. In addition, Privilege Manager 4.0 introduces other features to make it easier for companies to receive the benefits of User Account Control security without prompting users with dialogue boxes. The release reinforces BeyondTrust's position as the market leader in Least Privilege Management and the key to Least Privilege security in enterprises running Windows.

At the RSA Conference 2008 in April, Microsoft said it included User Account Control in the Windows Vista operating system to "annoy" users and pressure software vendors to create products that run without requiring users to have administrator rights. BeyondTrust Privilege Manager 4.0 enables enterprises to eliminate administrator rights while allowing users to run all authorized applications by transparently granting administrative privileges to the specified applications that require them. This makes systems more secure by giving users only the minimal rights they need to do their jobs. Privilege Manager 4.0 makes the transition to a Least Privilege environment even easier with new policy rules to simplify the process of granting elevated privileges.

"Microsoft's goal of removing admin rights to boost security is laudable but the approach has left many enterprises unwilling to deploy Vista at this time," said John Moyer, CEO of BeyondTrust. "Security pop-ups and prompts hurt productivity and swamp Help Desks with calls, particularly in organizations with hundreds or thousands of employees. BeyondTrust Privilege Manager 4.0 makes Windows more manageable and enterprises more secure by eliminating the need for administrator rights, and the best part is end-users don't even know it's working."

Privilege Manager provides great flexibility for enterprises to transparently manage user privileges and maintain their standardized desktop configurations, such as those recently specified in the Federal Desktop Core Configuration mandate. Privilege Manager 4.0 supports Microsoft Windows Vista as well as 2000, XP, Server 2003/2008 and 64-bit platforms.

"Privilege Manager has proven to be vital in our security strategy of removing admin rights from our users. Through a straightforward, Group Policy-based interface we are able to target very specific applications and processes for privilege elevation," said Chad Lueck, business process consultant at Dorsey & Whitney LLP, one of the largest law firms in the United States. "Privilege Manager provides the ability for our standard Windows XP users to seamlessly run applications and perform tasks that would otherwise require them to have admin rights. The product's transparency is key. Vista's UAC prompts will not be tolerated by most users."

Based on feedback from customers, BeyondTrust Privilege Manager 4.0 introduces new enhancements to strengthen Least Privilege security and new features to meet the hard-to-predict privilege management needs of enterprises with developers, laptop users and other users that may need more flexibility than a traditional lockdown model. The enhancements include:

• Vista Integrity Level management--Privilege Manager 4.0 is the only product to enable organizations to set the desired integrity level for a given process using Group Policy. Using Privilege Manager, enterprises can now specify integrity levels for any application to provide additional protection from potentially damaging system changes.
• On-demand user initiated elevation--To help enterprises manage traveling laptop users, developers, system administrators and others that need more flexibility, Privilege Manager features new capabilities to allow an authorized user to self-initiate privilege elevation for applications or software installation. When a user elevates an application using this method, it will be logged to allow for auditing and to provide insight into when a user requires elevated privileges.
• Certificate rules--Using Privilege Manager 4.0, administrators can now define rules to provide elevated privileges to applications with digital certificates signed by specified software publishers. This new feature provides administrators the ability to create rules more quickly and efficiently for software provided by trustworthy sources.
• CD / DVD rules--To allow for the installation of software from authorized CDs and DVDs that an enterprise may distribute, Privilege Manager includes a new rule to elevate software installation from specified CDs or DVDs.

For more information about BeyondTrust Privilege Manager 4.0, visit: http://www.beyondtrust.com/products/PrivilegeManager.aspx