Least Privilege and Application Control for Mac OS

PowerBroker
for Mac

Enable standard users on Mac OS to perform administrative tasks successfully without entering elevated credentials.

Least-Privilege Management for Mac OS X

BeyondTrust PowerBroker for Mac reduces the risk of privilege misuse by enabling standard users on Mac OS to perform administrative tasks successfully without entering elevated credentials. With PowerBroker for Mac, IT organizations simplify the enforcement of least-privilege policies, close security gaps, improve operational efficiency and achieve compliance objectives faster.

  • Eliminate admin rights from Mac users, reducing risk and potentially stopping modern OS threats
  • Elevate privileges only when needed, maintaining user productivity and IT operational efficiency without compromising security
  • Log, audit and report on activities that occur when privileged access is granted to applications, helping to address compliance requirements
  • Make smarter and better decisions to reduce risk by providing better user and asset intelligence across multiple platforms

PowerBroker for Mac complements BeyondTrust’s least privilege solutions for Unix, Linux and Windows using the PowerBroker Privileged Access Management Platform.

Least-Privilege Made Simple

Least-Privilege Made Simple

Monitor application launches on Apple Mac®, Macbook®, Macbook Pro®, Macbook Air®, or Xserve® and elevate them to the proper permissions without prompting for administrator credentials. Log rule interactions for complete visibility.

Policy Editor Enhances Productivity

Policy Editor Enhances Productivity

Minimize the number of products needed to perform least privilege across all endpoints through the PowerBroker Policy Editor. Enhance productivity by providing the same user experience for both Windows and Mac operating systems.

Extensive Rule Library Speeds Results

Extensive Rule Library Speeds Results

Reduce risk on OS assets immediately with rules for more than 40 of the most popular applications that require privileges from Microsoft, Adobe, Apple, and VMware. Define custom rules based on application and path, or Shell Rule. Centrally manage all policies via web services or the PowerBroker PAM platform or hosted locally for air-gapped implementations.

Least Privilege in Heterogeneous Environments

Least Privilege in Heterogeneous Environments

Utilize PowerBroker as a single platform to manage least privilege across Windows, Mac, Unix and Linux environments.

LEAST PRIVILEGE FOR MAC DESKTOPS

Lock it down: Elevate required tasks restricting sensitive settings and the unauthorized installation of software and updates.

Simplify the user experience: Eliminate the need for end users to require two accounts, or administrative credentials on their Mac, to perform privileged tasks.

Smart rules: Match applications to rules automatically based on asset based policies. Leverage smart rules for alerting and grouping of OS devices and events.

Flexible policies: Create privileged identity policies to selectively target applications, installers, auto updates, and system preferences for application-based elevation. Deploy hosting policies via web services for PowerBroker for Mac clients (and PowerBroker for Windows).

Single policy across multiple environments: Enable a single policy to manage privileged applications and Windows guests for OS users of BootCamp, VMware Fusion, Parallels, or Virtual Box for complete management of multi-operating system asset implementations.

Automatic logging for visibility: Log all privileged events automatically for complete visibility and reporting through web services hosted on the PowerBroker Privileged Access Management Platform.

Extensive reporting: Take advantage of extensive reporting for complete visibility into privileged activity and usage patterns. Deliver dedicated asset views for asset inventory and privilege event detection and elevation.

Reducing Mac End User Risks with PowerBroker for Mac

1 Enforce Least Privilege on Mac

Macs in the enterprise have gained popularity in recent years. And while there are tools available to assist with security, those tools haven’t kept pace with the needs this increased use and the resulting threats pose. PowerBroker for Mac is the only graphical software to control application privileges on Mac platforms, without needing privileged accounts or sudo.

2 Ensure Consistent Policy Across Platforms

BeyondTrust has provided security and management solutions for Windows, Unix and Linux platforms for years. PowerBroker for Mac extends security and acceptable use policies to Mac clients, effectively supporting organizations with heterogeneous infrastructure. This ensures consistency and reduces management requirements, saving time and resources.

Related Resources: Get the most out of PowerBroker for Mac