BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    Use Cases and Industries
    See All Products
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Enhanced User Experience in Privilege Guard v3.8

October 20, 2017

  • Blog
  • Archive

Privilege Guard’s UAC Replacement Extends to MSI Packages

For quite some time we have supported Windows Installer packages, empowering standard users to run MSI's, MSU's and MSP's that would require administrator privileges to complete. This functionality is fundamental in most least privilege deployments, where power users are delegated the privilege of choosing their own productivity tools.

We worked closely with our customers to understand how we can improve this offering, and came up with some additional use cases. We listened, and we delivered a much better user experience in 3.8.

Target the privilege, not just the binary

With other types of application, we have long been able to target those which specifically require elevated privileges, and only assign admin rights if the application would result in a UAC prompt. And in version 3.8, we extended this support to MSI packages.

Using the UAC rule in combination with any other matching criteria, you can now target and elevate MSI packages which need to be elevated, and leave those that don't, to run with default privileges.

Privilege Guard is the only solution that offers full support for UAC replacement, now also including MSI packages.

Add AND remove…

One of THE most important aspects of a least privilege migration is giving users an improved experience, or at least giving them the same experience. User acceptance can make or break a project. Fail to meet the users expectations, no matter how good the project is for IT, then it is doomed to fail as admin accounts creep back into disgruntled employee's. So the littlest improvements that help achieve the balance of policy and experience can go a long way in terms of overall success.

Today's end user is comfortable with using the Windows Programs and Features control panel to remove software they once installed. So making them use alternatives in the way of utilities as a replacement is never going to go down well.

This is why, in Privilege Guard 3.8, we have added support for policy elevation of MSI uninstalls through Programs and Features. No additional rules need to be configured, and no alternative tools are required. Users can now be empowered to remove the software they are authorized to install, in a way they are familiar with. A completely seamless experience through Windows Programs and Features.

Privilege Guard is the only solution that allows standard users to uninstall MSI packages through the native, and familiar Programs and Features control panel.

So that sums up the enhancements we made to MSI support. Enhancements that make MSI management much easier for IT admins, and deliver a much better experience to end users.

Introducing Defendpoint

Edit: Privilege Guard has now evolved into the brand new security suite, Defendpoint, which encompasses Privilege Management, Application Control and Sandboxing. For more information, please visit www.avecto.com/defendpoint.

Photograph of Kris Zentek

Kris Zentek, Senior Product Manager

Kris Zentek is a Senior Product Manager at BeyondTrust, focusing on Endpoint Privilege Management solutions. Based in the UK, he has over 20 years of experience working in the cybersecurity industry.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Mapping BeyondTrust Capabilities to NIST SP 800-207

Whitepapers

Mapping BeyondTrust Solutions to the Identity, Credential, and Access Management (ICAM) Architecture

Whitepapers

Four Key Ways Governments Can Prepare for the Growing Ransomware Threat

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.