BeyondTrust Announces Windows Vista UAC Security without the Prompts

BeyondTrust Privilege Manager 3.5 Provides Technology that Eases the Adoption of Windows Vista in the Enterprise; Enables Best-of-Breed Solution to the Least Privilege Problem

Portsmouth, NH—August 21, 2007— BeyondTrust Corporation, the first provider of Least Privilege Management solutions, today announced BeyondTrust Privilege Manager 3.5, the first product to eliminate many if not all of the User Account Control (UAC) prompts an enterprise user might see when running Windows Vista. Privilege Manager 3.5 provides users with elevated privileges when required, enabling a Least Privilege security environment without unnecessary UAC dialogue boxes. Privilege Manager 3.5 can be installed with UAC on or off. It supports Windows Vista, including its recommended corporate configuration, as well as Windows 2000, XP and Server 2003, providing great flexibility for enterprises to transparently manage user privileges and maintain their standardized desktop configurations, such as those recently mandated by the U.S. Office of Management and Budget (OMB).

Microsoft recommends that enterprises increase security by running users without administrative privileges or access to administrator accounts. However, in many cases, enterprise users need to run applications that require administrator privileges. Privilege Manager securely solves this problem by enabling administrators to configure an environment in which end-users can run all required applications and perform all authorized tasks without administrative privileges or administrator passwords; thus helping to protect against malicious use, malware and zero-day threats.

Windows Vista’s User Account Control provides additional protection for users with features such as Internet Explorer protected mode but does not solve the problem of allowing non-administrators to perform tasks that require administrator rights without those users having access to administrator credentials. Windows Vista UAC can be configured in two ways for standard users who do not have administrative privileges: to prompt users to provide their administrator passwords in order to run applications that require elevated privileges; or to not prompt users and deny the use of applications or features that require elevated privileges. Distributing administrator passwords to standard users is not a secure solution. It places the security decision of which applications to elevate in the hands of the user instead of a network administrator. Additionally, these credentials can enable users to circumvent security policies, make ill-advised system changes and run or install applications as an administrator.

"Microsoft recognizes that to help create a secure, auditable and compliant enterprise environment all users should be Standard Users and ideally not have administrative privileges or access to administrator passwords. BeyondTrust Privilege Manager helps corporations that need to allow standard users to run applications that require administrative privileges on Windows Vista with UAC enabled without any prompts or input required from the user. I am pleased to see third-party security vendors such as BeyondTrust improve what is already our most secure business client OS, Windows Vista," said Microsoft’s Austin Wilson, director, Windows Client Security Product Management at Microsoft Corporation. "The combination of elevating approved applications transparently with Privilege Manager and running UAC in no prompt mode with Internet Explorer in protected mode provides a best-of-breed solution to the least privilege problem."

BeyondTrust Privilege Manager 3.5 puts the security decision of when to elevate privileges in the hands of network administrators, allowing them to create security policies that are applied via Microsoft’s Group Policy to automatically grant authorized applications the necessary privileges to run, thereby suppressing UAC prompts, while allowing enterprises to enjoy the other advantages of Windows Vista and UAC. Privilege Manager 3.5 now allows enterprises to operate with User Account Control turned on or off. When UAC is enabled, Privilege Manager policies set by the network administrator apply before a UAC dialogue box appears. If UAC is off, Privilege Manager policies will automatically elevate privileges for any activity authorized by the network administrator. Because Privilege Manager works with UAC enabled or disabled and supports Windows 2000, Server 2003, XP and Windows Vista, it is suitable for all enterprises that run Microsoft Windows.

"BeyondTrust Privilege Manager will allow us to move to Vista and continue to use our critical line-of-business applications without any pop-ups," said Omar Ghneim, network administrator at EXCO Resources. "We’re looking forward to getting the best of both worlds – the benefits of Vista with a transparent Least Privilege security environment."

"Least Privilege security is quickly becoming the standard from corporate settings to the federal government, and Privilege Manager 3.5 gives enterprises the flexibility to apply it on their own terms," said BeyondTrust CEO John Moyer. "Whether they’re running Windows 2000, XP, Server 2003 or Vista – and whether or not they enable User Account Control – BeyondTrust Privilege Manager is the most effective way to secure the enterprise in a Least Privilege setting."

Pricing and Availability

BeyondTrust Privilege Manager 3.5 is available today. Pricing starts at $30 per seat. Current Privilege Manager customers will be upgraded as part of their upgrade assurance program.

About BeyondTrust Privilege Manager

BeyondTrust Privilege Manager, initially released in 2004, is the first Least Privilege Management solution for Windows. With Privilege Manager, end users can run all required applications, processes and ActiveX controls without administrative privileges. Privilege Manager allows network administrators to attach permission levels to Windows applications to enforce enterprise security policy while still enabling users to perform approved activities. By removing the need to grant end users administrative rights, IT departments can eliminate what is otherwise the Achilles heel of the desktop – end users with administrative power that can be exploited by malware and malicious users to change security settings, disable other security solutions such as anti-virus and more. Privilege Manager is easy to implement as it plugs directly into Group Policy, the existing Windows security infrastructure. It is completely transparent to the end user, without pop-ups or dialogue boxes, and supports Windows 2000, XP, Server 2003, and Vista.

About BeyondTrust
BeyondTrust Corporation, a pioneer in Least Privilege Management, enables enterprises to move beyond the need to trust users with excess privileges or administrator passwords. BeyondTrust Privilege Manager was the first product to enable the security best practice of Least Privilege in Windows environments by allowing administrators to assign end users permissions to required or selected applications. Least Privilege strengthens security by limiting users to the permissions they need to do their jobs. Hundreds of organizations worldwide in industries such as financial, healthcare, government and military rely on BeyondTrust Privilege Manager to secure their enterprises. BeyondTrust is a Microsoft Gold Partner.

Public Relations Information

Dave Bowker or John McElhenny
Schwartz Communications
(781) 684-0770
BeyondTrust@schwartz-pr.com

For more information, visit www.beyondtrust.com.