Viewfinity Privilege Management Case Study: Lathrop & Gage

The Challenges

With over 700 desktops and laptops, running multiple configurations and nearly 400 applications, most of which are customized to some extent, Kansas City, Missouri's prestigious law firm, Lathrop & Gage, has its share of desktop support challenges. A significant amount of the staff work from various bases, adding an additional layer of complexity related to IT support for these mobile workers. In order to protect its mobile, diverse personal computing environment, Lathrop is moving its desktop environment toward being more of a locked down, least privileges operation.

While this strategy alleviates some desktop-related problems, it also presents with an entirely new set of demands on our IT support staff. For example, an attorney may be on-site with a client, or on the phone with them, and the client needs our attorney to install a custom software package, and the need is immediate. Since the desktop is locked down, this isn't possible without getting a member of Lathrop's IT support team involved. Our IT staff must be able to deftly respond to the needs of our mobile workforce, from anywhere and at anytime. Finding an IT solution to meet these complex needs is a challenge that we took quite seriously.

The Solution

We looked at several vendors and selected Viewfinity because of its ability to control and manage our distributed PCs over a secure internet connection. Being able to elevate privileges on the fly, regardless of the end user's location, and do that cleanly, is very powerful. Viewfinity's capabilities are much more flexible and faster than our previous solution, which was the support person accessing the desktop remotely then using RunAs to install the application, which doesn't always result in a clean install. With Viewfinity, we push a policy that is immediately propagated on the endpoint, elevating privileges for the specific application, allowing it to be installed and executed, without providing administrator rights to the user.

The ability to flexibly manage our locked-down environment, where just a quick phone call or instant message to an IT Service Desk Support person can have the remote user safely and securely running an application otherwise prohibited, even if that user only needs temporary access, is a huge time-saver, and well worth the investment in the Viewfinity product.

"Like most large-scale law firms, we have many custom in-house applications that require us to look at creative ways to protect our desktops while still providing the application with the administrative rights it needs to run properly," said Ben Weinberger, CIO, Lathrop & Gage. "With Viewfinity, we have a method for securing the end-point client by elevating privileges on the application level, or for desktop functions, rather than providing blanket administrative permissions at the end-user level. Being able to control lockdown policies and elevate privileges on-the-fly, regardless of the end-user's location, and do that cleanly, is very powerful. This has proactively alleviated many IT concerns."

The Results

Viewfinity's product allows us to manage user access privileges effectively, efficiently, and more importantly, in an extremely timely manner, without having to issue administrator rights (in which an untrained user could inadvertently cause a mishap). This has increased productivity immensely. No longer does an attorney have to wait for an IT person to respond to his urgent needs to access a private application, or one for which he or she does not have the proper authorization to activate. This allows the attorney to focus on what the pressing need is – strict attention to the client's requirements – in a seamless IT environment, freeing-up the attorney and the attorney's staff to focus all of their awareness on the client, instead of having to take on the role of an IT support person.