Privilege Guard Working

Least Privilege Management

Eliminate Admin rights of users from making unwanted desktop changes without restricting them from performing their job function continue to pose serious challenges for almost all organizations. Striking a Least Privilege balance between users with a degree of control over their desktop configuration and protecting the standard desktop build is difficult, as this control often results in granting admin rights to a user.

 Once granted, admin rights give a user control over every aspect of their desktop configuration, a scenario that does not sit well within a corporate environment. Users with admin rights also carry a greater threat from malware, as payloads are almost always more destructive under a privileged account.

privilege elevation

Privilege Management

Rather than giving admin rights to users, Privilege Guard can assign elevated rights to individual applications and tasks. With Least privilege management you can assign admin rights or custom privileges to the applications that require them.
application control

Application Control

Not all applications require admin rights to install and some applications don’t need to be installed. Block the execution of unauthorized applications, including software installers and scripts. Advanced users may be warned of their actions and audited
on demand elevation

On Demand Elevation

For the more demanding user, Privilege Guard integrates with the Windows shell menu to provide an "on demand" elevation facility. All elevated applications are audited, ensuring the user does not abuse this privilege guard and they can optionally be warned of their actions.
End User Messaging

End User Messaging

Present your users with customizable messages before an application is launched or blocked. The messaging includes full multi-lingual support, and users may optionally be prompted to re-authenticate or to provide a reason. For a corporate look and feel you can also add your company logo.
Privelege Monitoring

Privilege Monitoring

Privilege Guard can monitor application behaviour and log events for any application that would fail to run under a standard user account. More detailed activity logs can also be captured, which enable closer inspection of any privileged operations.
Centralized Management

Centralized Management

Privilege Guard is tightly integrated with Windows Group Policy and no additional backend infrastructure is required to implement the solution. It can be configured in minutes and deployed through Active Directory Group Policy to an entire desktop estate.
Simple Policy Configuration

Simple Policy Configuration

Enabling an application to run with elevated rights couldn’t be easier. Define the application in the Privilege Guard Policies, set its identification options and simply assign the application to the users who require elevate rights over it.
Auditing Reporting

Auditing and Reporting

Application activity is audited and may be centralized through Microsoft Windows Event Forwarding. The Privilege Guard reporting console provides centralized reporting on applications and their assigned privileges
share this