BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    Use Cases and Industries
    See All Products
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

How Least Privilege Delivers ROI: Insights from Gartner

October 20, 2017

  • Blog
  • Archive

In an era where 67% of security professionals believe that they do not have ample resource to minimize IT endpoint risk throughout their organization (2013 State of the Endpoint, Ponemon), it has never been more crucial that the IT security projects you prioritize deliver maximum return on investment as well as exceptional security benefits.

Within their 2013 desktop total cost of ownership (TCO) study, research from Gartner continues to advocate the movement of organizations towards a ‘locked and well managed’ environment with respect to user privilege. The cost profile associated with this landscape is coveted by global organizations as it results in TCO savings of almost 30% against a ‘moderately managed’ environment; that’s $1,264 per desktop per year.

Reducing Cost of IT Support

But how does moving to a least privilege environment allow you to deliver these savings? Further studies from Gartner analysts conclude that a combination of effective privilege management and application control can help to reduce expenditure on IT operations labor by over 25%.

“Users who have more rights on their PCs than they need will cost more to support because they cause problems by installing unsupported software that can increase organizational complexity or interfere with execution of critical enterprise applications” (Gartner)

Consider Adam. Adam has administrative rights over his PC. He just can’t seem to sort the problem that started when he was prevented from opening an email attachment. He thought he resolved the issue himself by downloading some software from the internet. When IT investigates, it’s revealed that Adam has made an endless stream of ‘little tweaks’ to the system for months. Each new modification has inadvertently clashed with other elements, eventually causing the system to crash.

Sound familiar? The reality is that your application suite is littered with legacy and ‘problem’ apps which are simply incapable of delivering the required functionality to users where they operate under a standard account. At first consideration, deploying some users as administrators seems to be a sensible way to overcome costs associated with the labor intensive process of ‘packaging up’ individual, often low demand applications and remotely installing these via support. Adam’s ‘tinkering’ story reveals that awarding administrator rights to all and sundry will hit your IT budget in the longer term.

“Users who don’t have sufficient rights on their PC will cost more to support because they will bother the service desk unnecessarily and be less productive as they wait for IT to respond” (Gartner)

Do your IT department spend hours a day assisting standard users with administrative tasks? Niggling jobs like changing the system time or connecting to wireless networks cannot be completed by the standard user.

In Windows 7, deploying users as standard will result in an energy-sapping barrage of UAC requests which are a drain on you help desk resource. Demand for autonomy and flexibility in relation to corporate PC usage is only set to increase as the tech-savvy generation Y make up a greater proportion of your workforce.

The ‘all or nothing’ scenario with respect to tools native to Windows is ‘catch 22’ as deploying users as standard rather than allocating administrative accounts also mitigates over 90% of Windows security vulnerabilities.

The Solution

Implementation of a least privilege environment will dramatically reduce the cost of IT support as applications are automatically elevated in association with individual user need: each user has the ability to seamlessly install and run the applications necessary to the effective performance of their duties without compromising the integrity and security of their systems.

Paul Kenyon,

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Mapping BeyondTrust Solutions to the Identity, Credential, and Access Management (ICAM) Architecture

Whitepapers

Four Key Ways Governments Can Prepare for the Growing Ransomware Threat

Whitepapers

The Operational Technology (OT) Remote Access Challenge

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.