One of our customers has a branch in Toronto so they fall under a multi-regulatory scheme. That's where the multi-cloud infrastructure and the ability to visualize via the dashboard come in handy. That's why the product is useful for us. It gives us a centralized dashboard both for the Privileged Management and the Cloud Privilege Broker. That's why it was chosen.

In addition, de-provisioning of privileged access accounts can be done in minutes. If we need to de-provision someone, we can do it really quickly. And with Endpoint Privilege Management, admin rights can be granted and revoked within minutes. For us, everything comes down to that. The ability to revoke rights is one of the ISO mandates.

Overall, Endpoint Privilege Management provides an immense increase in security, as our 27001 reports indicate.

It has helped in multiple ways. We have more than 30 years of legacy of having local admins on our endpoints. With this solution, we have removed the local admins from the users. Now, we are giving them privileges on their machine only for the applications and not for everything. It has reduced the unwanted risk and increased the security posture. 

It also helps with some robotic process automation. It helps with certain actions that we have been engaged in for certain RPA-type behaviors.

We are able to increase the security by blocking a lot of applications, such as encrypted chat applications and blacklisted applications. Data exfiltration is a big concern in our company, and this solution helps us to tighten up those controls in many different ways. We are able to control the access.

It is helpful for security. We have thousands of applications and a lot of users who are using these applications. We don't have to provide each and every user admin rights to install those applications. We can just whitelist those applications and provide them to the users. We don't have to provide admin rights to the users, which makes it secure because once the users have admin rights, they can do anything on their devices. We don't have to provide them with admin rights just for installation purposes. We can just whitelist those applications in the environment, and we're good.

It is very important that we can add events straight from event logs and/or the database. Those logs are used for creating rules.

It allows us to elevate approved applications and actions without broad admin rights. It reduces the support tickets because a user is able to use applications without any problems.

It has reduced the tickets for application installation. We don't get any tickets because an application first gets analyzed and only then gets deployed in the production environment. So, if there is any issue regarding the deployment of an application, it gets sorted out initially, and we don't get any support tickets related to that. It has reduced the support tickets from the end-user perspective.

By reducing the number of tickets, it has reduced desktop support costs. From the application perspective, whitelisting and other things are handled remotely once, which reduces the support tickets. When the support tickets are reduced, the workforce required to attend to and resolve those issues is also reduced. The cost savings depend on the number of applications you have in your environment and the number of users you are dealing with. 

It provides a single solution for managing endpoint security preferences. Its impact on our endpoint management operations is good. We don't have to provide admin rights to all the users. It has increased the security of the environment, and it has reduced the exposure score from the vulnerability perspective. It is a very good solution. It has improved our security posture.

Everyone in the company uses BeyondTrust Endpoint Privilege Management—about 3000 to 4000 in South Africa and another 1000 in the UK.

When it comes to FSO security, a prevalent objective is the removal of admin rights for users and many security teams aim to transition users from admin to standard status, even while ensuring the seamless operation of critical business applications. Challenges arise as some users find it difficult to complete their tasks without admin rights. Avecto Defendpoint addresses this by allowing specific business applications to run with elevated privileges through the Advantage Token. Striking a balance, it empowers users in standard mode to run essential business applications with the necessary admin rights, while maintaining a secure posture.

Previously, all users were in the administrator group of their machines. Since PowerBroker elevates the user, we can remove the users from the administrator group. Thus, the machines become less vulnerable to attacks

It reduces major vulnerabilities by removing local administrator privileges.

We implemented the BeyondTrust suite of products as part of our initial evaluation and continued to use the product because we liked it very much. We distribute security solutions to our customers, so we can only sell something to our customers that we believe in. And the best way to start to believe in something is to experience it. So, from the initial evaluation environment, we moved a few assets – because it's not a very large organization - and implemented a workflow process for our IT contractors. Developers and network engineers who access our infrastructure devices such as servers, routers, and firewalls have to put forth a request (though we've kept them as auto-approve 24x7, since we trust them :) ), to access the devices. All these activities are monitored, recorded & audited on a periodic basis or in cases of issues. We do not have any external auditing done within our company. However, I can imagine the kind of details provided by the solution to the auditors on almost all of the IT activities required to be monitored and audited.

Apart from auditing & recording requirements, our sysadmin now has the best control of his work in his tenure with us, in the area of patch management for our networks. RNSS has been scheduled for periodic scan jobs preparing a report. We've configured the Enterprise Update server, which checks the vulnerabilities, suggested remediation, and once they've been reviewed, all the systems are patched directly from the Enterprise Update server.

These are some of the areas I can think of at this point of time that we have benefited from BeyondTrust so far.

There are severals application that all users needed to have local admin configured to work. After the powerbroker implementation, all users with this privilege were removed, it improved the security and helped to change the IT vision, from Security to SAFETY.

Simplifies server access without password distribution.