BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Quintiles Selects PowerBroker for Desktops to Get Least Privilege

Posted June 3, 2011    Peter McCalister

Quintiles Transnational is a company that helps improve healthcare worldwide by providing a broad range of professional services, information, and partnering solutions to the pharmaceutical, biotechnology, and healthcare industries. Headquartered near Research Triangle Park, North Carolina, and with offices in more than 40 countries, Quintiles is a leading global pharmaceutical services organization and a member of the Fortune 1000.

As far as their IT environment goes, Quintiles Transnational manages over 13,000 end-user computers. The company wanted to remove the local administrative privileges from all their end-user accounts and run a least privilege user environment. The goal was to prevent employees from performing installations of their own, as well as running whatever software and applications they wanted. Unfortunately, Quintiles had a difficult time identifying a workaround that would allow applications requiring administrator privileges to run without the significant workload of writing custom install scripts or frequently visiting individual desktops to install software. That’s where BeyondTrust came in.

With Windows Active Directory installed and 13,000 computers running Windows XP, BeyondTrust’s PowerBroker Desktops was the perfect solution for the issues facing Quintiles. Security, compliance, and productivity were at the forefront of the company’s needs, and running PowerBroker Desktops would enable them to create the least privilege environment they required while increasing end-user productivity. Quintiles continues to use PowerBroker Desktops to elevate the permission level for the users who need to run authorized third-party applications, in addition to homegrown software, that require higher privileges than those to which the user is normally entitled.

Leave a Reply

Additional articles

How To Implement The Australian Signals Directorate’s Top 4 Strategies

Posted October 20, 2014    Morey Haber

The Australian Signals Directorate (ASD), also known as the Defence Signals Directorate, has developed a list of strategies to mitigate targeted cyber intrusions. The recommended strategies were developed through ASD’s extensive experience in operational cyber security, including responding to serious security intrusions and performing vulnerability assessments and penetration testing for Australian government agencies. These recommendations…

Tags:
, , , ,
asp-mvc

Exploiting MS14-059 because sometimes XSS is fun, sometimes…

Posted October 17, 2014    BeyondTrust Research Team

This October, Microsoft has provided a security update for System.Web.Mvc.dll which addresses a ‘Security Feature Bypass’. The vulnerability itself is in ASP.NET MVC technology and given its wide adoption we thought we would take a closer look. Referring to the bulletin we can glean a few useful pieces of information: “A cross-site scripting (XSS) vulnerability exists…

Tags:
4bestpracticesaudits-blog

Four Best Practices for Passing Privileged Account Audits

Posted October 16, 2014    Chris Burd

Like most IT organizations, your team may periodically face the “dreaded” task of being audited. Your process for delegating privileged access to desktops, servers, and infrastructure devices is a massive target for the auditor’s microscope. An audit’s findings can have significant implications on technology and business strategy, so it’s critical to make sure you’re prepared…

Tags:
, , , ,