Again, the user’s privileges never change and the modified application runs with the new security token, which can be customised to any level required for the application to correctly function:
As a result, the user never has a hash that malware or a hacker can leverage against another resource with elevated permissions. In addition, the privileges granted to the application could either be executed as a full administrator or customised to only allow the privileges or process required for the task to execute. For example, the application can be granted full administrative privileges but denied access to shut down the system.
The fact remains that, in most organisations, too many users have excessive privileges. Hacking techniques like Pass-The-Hash have been successfully used to maliciously compromise entire infrastructures. Simply removing privileges can cripple business productivity, since critical applications and tasks can no longer function correctly as a standard user. A tool or technique is needed to bridge that gap, and PowerBroker for Windows is that solution.
PowerBroker for Windows preserves the privileges granted to the user and only modifies the application’s runtime security token to meet the needs of the application (on a per application basis). With over 250 rules in PowerBroker’s sample rules library, you do not need to start from scratch to make this change a reality. Our best practices guide, professional services team, and years of experience in privileged account management can help make hacking techniques like this a moot point for your business.
Morey J. Haber, Chief Technology Officer and Chief Information Security Officer at BeyondTrust
Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four Apress books: Privileged Attack Vectors (2 Editions), Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.