Endpoint Security Managment from Thycotic

Do you have many end devices in operation? Do company guidelines have to be adhered to? Is IT security an issue?
Thycotic provide you with comprehensive control over multiple desktops and corporate policy compliance through Privilege Management.

Thycotic products provide Mac and Windows devices with comprehensive protection when it comes to advanced threats, complex malware, and many more threats a company may face.

→ Thycotic is a stand-alone solution which does not require any other products.
This means that the Thycotic installation does not rely on other software such as Altiris and can therefore be inserted into any IT environment.

→ FYRE Consulting is a partner of Thycotic in Switzerland.
As an IT company, we know why you should not bury your head in the sand when it comes to IT security. We would be happy to show you on-site how Thycotic works and discuss with you how you can benefit from it. Get in touch with us without obligation.

Privilege Management from Thycotic briefly explained

85% of all data leaks or attacks occur on the end device of completely normal users!

Why? Because most users (mostly unknowingly) have more rights on their end device than they actually need for their work! These so-called admin accounts, together with root accounts, superuser accounts and domain admin accounts, pose an enormous threat to the entire IT infrastructure and can put an entire company at risk! It does not matter at all whether the end device is located at the user’s home or office, or whether it is in the company domain or not.

Good protection against this – probably the biggest – threat is therefore mandatory for all companies that have several end devices in operation!
But how do you implement this without disrupting users’ productivity or restricting their rights too much? After all, you don’t want to virtually demote your employees or restrict their area of operation…

This is exactly where Thycotic’s solution steps in: Privilege Management

Privilege Management has recognized that rights should not be withdrawn from users as a matter of principle, but from the software that users have on their end devices. This ensures that user XY can still access the same programs as usual and work as usual, but the unnecessary permissions are revoked.

Thycotic’s Privilege Management is composed of two parts:

  1. Least Privilege
  2. Application Control

Here we briefly and clearly present these two points that make up Privilege Management and show you what advantages Privilege Management brings you:

Least Privilege

Users with Local Admin rights are so-called Privileged Accounts, i.e. a kind of «user account with privileged rights».

These rights can, with just one careless click on an infected link and the download of malware, cause catastrophic consequences for a company.

For this reason, the first step is to remove all administrative rights on endpoints. The implementation of Least Privilege also ensures that all non-visible or hard-coded rights are removed as well. This ensures a clean and consistent starting point for further actions. The goal is for the user to have as few privileges as possible, and as many privileges as necessary.

This is what Least Privilege offers

  • Track down privileges
  • Applications can be inventoried
  • Create custom groups
  • Administrator privileges are removed
  • (Company) policies can be created
  • White-, grey- and blacklisting of applications
  • Sandboxing (virtualization of an application)
  • Application rights can be increased individually
  • Custom workflows can be created
  • Reports can be easily created and shared
  • Compliance with (company) policies is shown

Reports on compliance with (company) policies are easily generated and will please any decision maker or auditor

  • How many endpoints are in compliance with (company) policies?
  • How many applications need to be regulated by application control?
  • How many and which dangerous applications have been secured?
  • Which endpoints or users have tried to invoke unsafe applications or processes?

These reports are very easy to create and can be shared just as easily.

Application Control

In many cases, removing all administrator rights has a negative impact on users and generates additional work for IT support. This is where Application Control comes in.

By customizing application permissions, administrator rights for end users become unnecessary, making systems more secure and stable, and eliminating the need for additional IT support.

For example, Application Control automatically whitelists trusted software. Based on the latest status of databases such as VirusTotal, a «blacklist» is created and new, unknown software is placed on a «greylist». It also allows administrators to inventory software applications, prevent unwanted malware, control permissions on applications, and run or block untrusted software in a virtual layer (called «sandboxing»). Virtualization is about preventing an application from accessing the file system, for example.

This is what Application Control offers

  • Automated application control (identify software, check against lists, execute defined policy)
  • (Company) policies can be configured individually, depending on security and business standards
  • The IT security team has control over:
    • Who is allowed to run processes with admin rights
    • Whether processes are allowed to run and on which endpoints
    • Whether processes are allowed to run in certain regions or at certain times of day
    • Whether sub-processes are allowed

The most important advantages for you

→ Secure local administrator accounts and passwords – So that the administrator does not become a security risk!
→ Unwanted functions and unwanted software on the end devices are blocked.
→ User productivity is not restricted:
→ Conferencing applications such as GoToMeeting or WebEx can still be run.
→ Printer drivers can still be installed, even remotely
→ Developers can still use software that accesses an SQL DB
→ Operating system settings are automated and maintained according to your company standards
→ You get the priceless knowledge that your IT is protected and equipped with the latest protection capabilities

Supported operating systems

  • Windows XP 5.1 or newer
  • MacOS 10.11 (El Capitan) or later

When it comes to endpoint security, Privilege Management offers a multi-layered approach that also covers your individual security needs.

The Privilege Management Solution from Thycotic in detail:

Discovery

  • Windows & Mac Account Discovery on Endpoints
  • Windows & Mac Application Discovery
  • Non-Domain Endpoint Support

Local Security

  • Local Admin Rights Removal
  • Local User Account Management
  • Local Group Membership Management
  • Automated Local Account Password Rotation

Application Control

  • Flexible Policy Deployment Configuration
  • Dynamic Whitelist, Blacklist, Elevation, and Greylisting Policies
  • Real-time Application Analysis / Reputation Checking
  • Sandboxing
  • User Access Control (UAC) Override
  • End-user Justification & Admin Approval Workflow
  • Child Process Control

Auditing and Reporting

  • Responsive & Actionable Reporting Dashboard
  • Centralized Application Event Logging
  • Local User & Group Activity Auditing
  • Agent & OS Reports
  • Custom & Scheduled Reports

Integrations

  • Active Directory
  • ServiceNow
  • Virus Total
  • System Center Configuration Manager (SCCM)
  • Symantec Management Platform
  • SysLog / SIEM

Enterprise Readiness

  • Privilege Manager Mobile App
  • High Availability & Load Balancing
  • Reverse Proxying

FYRE Consulting is an authorized partner for Thycotic products in Switzerland. Benefit from our extensive knowledge in this area, we will be happy to explain to you how Thycotic works and how you can use it to make your IT environment much more secure.

Would you like to find out specifically which solution covers all your requirements?
Get in touch with us and we’ll find out together.