BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Sneak Peek at PowerBroker Desktops 5.3 — Message Box Enhancements

Post by Peter McCalister August 9, 2012

PowerBroker Desktops 5.3 will be released this month, and as a follow up to our previous article, this article describes additional enhancments to end user message boxes that provide users with more flexibility and functionality.

The first thing we did was give you additional control over the content that can be put into message boxes and also have added some elements to allow you to better control the aesthetics of the message boxes.

The message box user interface now allows you to control the background color and background images, and you can also customize the text color. Additionally, we provided the ability to add a custom URL to the message boxes so that an end user can open a helpdesk ticket or be redirected to a website for more informtion.

Another unique new feature that we have added to the message box capabilities is what we call Challenge/Response Policy Override. This allows you to solicit a passcode from the end user and allow them to run an application that is either blocked from running by PowerBroker or run an application that is prompting with User Account Control (UAC). Here’s what the workflow looks like:

When an application prompts with UAC, the user is presented with a customizable message box like this:

If the user presses the OK button, the message box closes and the application does not start. If the user presses the Cancel button, PowerBroker Desktops returns the user to the standard UAC prompt. If the user presses the Passcode button, they are taken to a message box that looks like this:

You have full control over the text in the message boxes, but by default, it will ask to user to contact the helpdesk to provide the Authorization Code. The helpdesk then would enter the Authorization code into a code generator in PowerBroker Desktops and provide that code to the end user. Once the code is entered by the end user, the application would then run properly. This feature is great for users who might be offline and without an internet connection, or even for simple, ad hoc privilege elevations that a limited number of users require for specific tasks. These privilege elevations that are done with a passcode are logged to the system so that you can report on them later to verify that they were used appropriately.

The Challenge/Response Policy Override feature also works great if you are using PowerBroker Desktops for application whitelisting. When an application is blocked, you can put the users through the above process in order to allow the user to run or install an application.

Check out this blog tomorrow for some additional exciting new features that we are about to release.

Leave a Reply

Additional articles

BI-Qualys-Connector-IMG1

Getting More Value from QualysGuard Vulnerability Data with BeyondInsight v5.1

If your vulnerability assessment scans can’t produce meaningful and actionable reports, performing a scan does no good for anyone. If you’ve read my other blog posts, you know I have no qualms about stating that BeyondTrust provides the best vulnerability reporting in the industry. Ask your favorite analyst and they’ll tend to agree. Of course,…

Post by Morey Haber April 18, 2014
Tags:
, , , , , , , ,
insider-threat-fed

Mitigating Inside Threats to U.S. Federal IT Environments

Recent high-profile cases have increased the perceived risks that go along with disclosure and usage of confidential information. One of the most difficult security threats to mitigate is an attack from the inside. When an over-privileged user, such as an unhappy current or former employee, contractor, or consultant, begins navigating your network, how will you…

Post by BeyondTrust Software April 17, 2014
Tags:
, , , , ,

Are you a Target? Investigating Security Breaches with Kevin Johnson

Last week, over 1,000 IT security professionals watched as Kevin Johnson, CEO of Secure Ideas, presented his expert opinion on lessons learned from recent, high-profile retail breaches. Here’s a summary of key takeaways from the webcast plus an on-demand recording of the full, 60-minute presentation. Understanding the “why” behind attacks According to Kevin, the primary…

Post by Chris Burd April 17, 2014
Tags:
, , , , ,