"Allowing a user to be an administrator on their workstation ensures that they can manipulate and modify client-based Group Policy data to their heart's content, effectively eliminating the value that Group Policy provides in managed Windows environments. This is where taking a least privilege based approach to workstation security provides significant benefits. By implementing the best practice of least privilege with BeyondTrust Privilege Manager you can create a secure Group Policy solution and a secure desktop environment."
- Darren Mar-Elia, Windows IT Pro Magazine contributing editor and author of 11 Windows books including, the Windows Group Policy Guide.
"[BeyondTrust Privilege Manager, formerly PolicyMaker Application Security] blew away the competition... As for who should spring for the extra security, organizations that need to run their desktops under the principle of least privilege will benefit greatly. Desktop security is on everyone's radar these days, and we give kudos for taking it seriously."
- Michael Fudge, Network Computing Writer and Syracuse University Systems Administrator
"[BeyondTrust Privilege Manager, formerly PolicyMaker Application Security] provides outstanding tools to help companies solve the problem of application compatibility in restricted desktop environments… [BeyondTrust Privilege Manager] presents a clean and elegant solution to the problem of getting legacy applications to work for users who don't have administrative rights on the desktop… With great success, eWEEK Labs tested [BeyondTrust Privilege Manager] against a number of applications known to founder without administrative rights. By simply adding the built-in administrator account to an application token via policy, we quickly were able to get Microsoft's AntiSpyware Beta 1, various Lenovo ThinkPad management tools, Intuit's TurboTax (and its AutoUpdate feature), Nero 7 Ultra Edition and an older version of Jasc's Paint Shop Pro operational. In each case, the application process is still owned by the user with restricted rights, but the local administrator rights were seamlessly added to the security token."
- Andrew Garcia, eWEEK Labs Technical Analyst
"Microsoft is moving at glacial speed to a better user/application security model, but an even better one is available…It's surprising to me that Microsoft hasn't taken more of a step in this direction for Vista and Longhorn. They have taken smaller steps in those operating systems with the use of restricted tokens, such as the PA or "Protected Administrator" feature they discussed for Longhorn… [BeyondTrust Privilege Manager, formerly PolicyMaker Application Security] probably addresses most of the issues that non-Windows advocates pick on in Windows, but in fact it goes further. By adding an application/user pairing to the permissions, you get even more control."
- Larry Seltzer, eWEEK Security Center Editor and computer industry writer since 1983
"VistaPrint uses a number of applications that require various levels of elevated privileges, which until now has proven to be an unsolvable IT nightmare. With BeyondTrust Privilege Manager there is no longer a need to issue administrative privileges to end-user accounts because we can just assign them to the specific applications - a dream come true."
- Nick Duda, VistaPrint Senior Systems Administrator, MCSA, MCDST, CCSA, TCSP, Security+
"With the power of local administrative rights, nothing scares most administrators more than an exploited local administrator password."
Chris Wolf, MCPMag.com writer and author of several books, MCSE, MCSE, MCT, CCNA
