An endpoint privilege management solution is only truly effective if it’s easy to use for IT and security teams. That means easy to use when creating new policies or executing small policy edits, gathering insights on user activity, or simply navigating the user interface.
In 2024, IT and security teams are as understaffed and overworked as they’ve ever been. NIST states that a shortage of 3.4 million cybersecurity professionals exists globally, and Forrester has cited that 66% of cybersecurity team members have significant levels of stress at work. In a world where both the cyberthreat landscape and the organizations that are trying to protect themselves from it are constantly changing, every second counts for IT and security professionals. If their time is being consumed by manually intensive policy updates or difficult to understand user activity data, they have less time to focus on protecting the organization.
In this blog, we’re exploring how our first release of 2024‚ Privilege Management for Windows and Mac 24.1, is helping to improve IT and security teams’ day-to-day operations by making Privilege Management for Windows and Mac easier and faster to use.
Introducing Privilege Management for Windows and Mac 24.1
BeyondTrust is constantly innovating Privilege Management for Windows and Mac to deliver market-leading protection for our customers’ estates with streamlined operations that reduce the amount of manual work required from their IT and security teams. To ensure we are delivering the innovations that make the biggest impact, we are always listening to our customers through extensive interviews and beta programs, monitoring the latest threat trends, and iterating on our products.
BeyondTrust is pleased to announce the availability of Privilege Management for Windows and Mac 24.1. Our first release of 2024 includes new features and enhancements that improve ease of use and streamline workflows. These include enhancements to Analytics v2, auto update via the Package Manager, and the Web Policy Editor, as well as a new beta feature called the Policy Assistant.
Easier, quicker insights in Analytics v2
Analytics v2, the reporting functionality in Privilege Management for Windows and Mac, provides you with intuitive insights about your users’ activity, and a path to seamlessly convert those insights into targeted policy updates that bolster your organization’s security. Throughout 2023, we were constantly innovating Analytics v2 to release new features and enhancements that would deliver increased value for you. This year will be no different. In release 24.1, we are introducing four new enhancements that make Analytics v2 more approachable, allowing you and your teams to gather valuable insights quickly and easily.
New dashboard provides straightforward visibility
Now with release 24.1, when you navigate to the Analytics section in the Privilege Management Console, you will see two new dashboard charts in the new Dashboard tab. These charts—Endpoint User Logins and Top Event Actions—present high-level visualizations of key metrics and trends to help monitor the effectiveness of your Privilege Management for Windows and Mac deployment at a glance. The Endpoint User Logins chart shows the trends and distribution of administrator and standard user privilege usage in your estate. It also shows whether those privileges are being used by local or domain accounts. The Top Event Actions chart provides quick visibility into the different events happening in your estate over a given hour, day, month, or year, broken down by event type, operating system, and computer group.
Gather valuable insights fast with recommended views
Making use of the vast amount of data and insights that Analytics v2 can provide may at first seem overwhelming, especially for those organizations and users just getting started with Privilege Management for Windows and Mac. That’s why in release 24.1, we’re introducing recommended views, which provide a fast, convenient way to view your user activity data through a selection of the most useful predetermined views. Now in the Events and Applications tabs, you can access eight different recommended views, all of which can help garner a deeper understanding of what’s happening in your estate and facilitate updates to your policies accordingly.
Here is an overview of the eight different recommended views available to start extracting insights from your user activity data fast:
Events tab:
- Process Details – View every process that Privilege Management for Windows and Mac is controlling.
- User Interactions – See an overview of how much friction end users are experiencing in their day-to-day roles and make changes to improve their experiences without sacrificing security.
- Privileged Group Protection – See when Privilege Management for Windows and Mac has prevented a user from modifying a privileged group (e.g. adding a user to the admins group).
Applications tab:
- Discovered: Active Applications – View all active applications that are being run in your estate and start shaping your policy to define which applications should be allowed or blocked.
- Discovered: by Publisher – See all discovered applications aggregated by publisher, allowing you to decide whether you want to treat all applications from that publisher a certain way in policy and execute that action.
- Discovered: by Requiring Admin Rights – View all applications that require admin rights and the method through which they are granted, helping identify genuine admins and the applications they are running.
- Discovered: from External Sources – See all applications being run in your estate from risky external sources and update your policy to ensure those applications cannot get admin rights.
- Discovered: New and Uncategorized – View the new and uncategorized applications running in your estate and take appropriate action by adding them to specific application groups.
Saved views enables customization
Release 24.1 also introduces two new enhancements to saved views. First, you can now save customized views in the Users tab and quickly access them again. Previously limited to use in the Events and Applications tabs, saved views allow you and your teams to create custom Analytics v2 views that better meet your specific needs and provides on-demand access whenever needed, driving more efficient workflows in Analytics v2. The second enhancement brings an improved user experience to saved views. Now when you access a previously saved view, you are presented with metadata that enables quicker navigation and easier understanding of the saved view. This includes the name of the view, the filters that have been applied, and which data columns are included.
Policy Assistant gives confidence when creating or editing policy (Beta feature)
For many new and even longer-tenured Privilege Management for Windows and Mac admin users, the process of editing policies can pose challenges. We’re introducing a new beta feature in release 24.1 to solve that problem and instill confidence in admin users when editing or creating policies.
The Policy Assistant, found in the Utilities section of the Privilege Management Console, can be used to find and show errors in policy configuration as the policy is being created or edited. It will identify and flag common errors, such as the creation of duplicate application rules that potentially contradict each other or duplicate users existing in an individual workstyle account filter. With the Policy Assistant, admin users can feel confident making and deploying both quick edits to policy as well as larger changes.
Customized automatic updates via the Package Manager
In October of 2023, we introduced auto update. With auto update, you can automatically update both the Privilege Management for Windows adapter and agent software versions on the Windows endpoints in your estate, while maintaining the same level of control you’ve always had with updates. Auto update removes the need for manual updates, giving your perennially overstretched IT and security teams weeks or even months of valuable time back to focus on protecting your organization.
Auto update is powered by the Package Manager, a component that enables both the initial install and ongoing updates of the Privilege Management for Windows adapter and agent to be managed seamlessly from the Privilege Management Console. In release 24.1, we’re introducing two enhancements to the Package Manager that improve the user experience and make customization easier for how automatic updates are executed on the endpoints in your estate.
Now when you’re on the group details page of one of your computer groups and select the Manage Updates button within the Updates tab, you will be presented with two clear options for how you want to manage updates to the endpoints in that computer group. The first option automatically updates those endpoints to the latest version of Privilege Management for Windows, and the second option allows you to manually select which version the endpoints are updated to.
Streamlined workflows and navigation in the Web Policy Editor
Improved Web Policy Editor navigation
Historically, navigating in the Web Policy Editor could be challenging, especially for new Privilege Management for Windows and Mac admin users. Release 24.1 brings improvements to the Web Policy Editor to improve navigation and usability. With this release, the number of menu items available in the Web Policy Editor will be reduced, and related configuration areas will be consolidated into individual selectable tabs, simplifying navigation and streamlining workflows.
Copy / paste application groups and messages
Release 24.1 introduces copy / paste functionality to the Web Policy Editor for both Windows and Mac application groups and user messages. Application groups and user messages can now be copied / pasted within one policy or from one policy to another. These enhancements streamline the workflows within the Web Policy Editor for IT and security teams, improving efficiency for updates both large and small.
Local Active Directory search
In the past, searching your local active directory via the Web Policy Editor has been a manual process, making things like mapping users or groups to workstyles, designated user groups, or custom tokens difficult. Now with release 24.1, local Active Directory searching is available in the Web Policy Editor. This enhancement improves the usability and efficiency of the Web Policy Editor, saving you and your teams time.
Next steps: start leveraging new features and enhancements to streamline your Privilege Management for Windows and Mac workflows
If you are ready to learn more about the best solution for achieving and dynamically enforcing proven endpoint security policies, like least privilege, contact us today! Or if you are already a BeyondTrust Privilege Management for Windows and Mac customer, here’s how you can get started with version 24.1.
Be sure to stay tuned to our Endpoint Privilege Management Innovation Series to keep up to date as we continue to make the feature updates and enhancements that matter most to our users!
Alex Bauer, Product Marketing Manager, BeyondTrust
Alex Bauer is a Product Marketing Manager at BeyondTrust, focusing on Privilege Management for Windows and Mac. Prior to joining BeyondTrust in 2022, he worked in a variety of product marketing roles at Dyson and B2B ecommerce software startups, planning and executing launch, messaging, and positioning strategies for products like robot vacuums and air purifiers. Alex brings a consumer lens to the BeyondTrust Marketing team, working to convey complex cybersecurity concepts and features in easy to understand ways.