How Securden Enforces Least Privilege Security and Application Control

Securden makes it very easy for both administrators and end-users to enforce and embrace least privilege model. Through robust workflows and policy-based controls, the user experience remains the same even when the local administrator privileges are removed. This document explains in brief how the product works.

1

Discover Endpoints, Create an Inventory

Discover the endpoints and servers in the network and create an inventory. Along with the device discovery, Securden captures the list of local administrator accounts on each computer. This helps you decide which devices require least privilege enforcement.

2

Deploy Securden Agent on Endpoints

After discovering the devices, deploy the lightweight Securden agent on all endpoints and servers. The agent deployment process is quite simple. You can either deploy them straight from the GUI or make use of Group Policy Objects to deploy in bulk.

3

Discover or Add Applications

The moment you deploy Securden agents, it starts identifying the applications and processes that require administrator privilege on each endpoint and adds them to Securden. The automatic discovery process takes a few weeks to complete the process. Alternatively, you can manually add the applications and processes that are required for day-to-day operations of your and add them to Securden. Alternatively, you can let the Securden agent discover the applications over a period of a couple of weeks after installing the agents.

4

Define Application Control Policies

Define and control which applications can be run by standard users. Whitelist trusted applications and prevent unapproved and malicious applications. Create policies specifying the processes to be elevated on specific endpoints, by specific users or groups and centrally enforce application control. Securden agents deployed on endpoints take care of enforcing the policies. The application control policies are cached by the Securden agent in the endpoints. In offline scenarios, the agent takes care of enforcing the recently cached policy.

5

Remove Local Administrator Privileges

Remove local administrator privilege from all endpoints and servers. This makes all users as standard users and enforces the least privilege security across the organization. Combining least privilege security with application control empowers standard users to seamlessly run approved applications (that would normally require admin rights) whenever needed. When specific users require broader privilege, you can grant a time-limited, fully controlled, and comprehensively audited temporary administrator access need basis. This is controlled by a well-defined workflow, which takes care of automatically revoking the access.