Home | Viewfinity Privilege Management | Resources | Product Review | Survey | Trial Evaluation | About Viewfinity logo
Viewfinity Header

Viewfinity Privilege Management

Better Operations Control through Privilege Management

Viewfinity Privilege Management offers IT Administrators a flexible approach for controlling its corporate desktop and laptop environment. With tighter, yet flexible control over the types of applications and privileges your distributed workforce are allowed, the more stable your desktop environment becomes. With this enhanced control over managing your environment, the number of end user support calls to the help desk are reduced.

Try it now for 14 days. In four easy steps and in less than ten minutes, the software can be installed and ready for evaluation.

Managing and Elevating Privileges for Otherwise Locked Down PCs

For organizations who are presently, or who are planning to move to a locked down desktop environment, Viewfinity provides IT administrators with the ability to manage administrative rights by desktop function and application. Our Privilege Management features are integrated with Active Directory allowing IT administrators to set flexible privilege elevation policies for managing administrator rights. Desktops continue to operate within the least privileges mode except for those functions flagged for elevated privileges, such as:

  • Applications: Elevate privileges to administrative rights per application, not per desktop
  • ActiveX: Manage permissions for non-administrative users to install ActiveX applications
  • Printers: Manage permissions for non-administrative users to install printers or perform application installations (optional)
  • Windows Services: Raise privileges to perform specific administrative functions (Device Management, Disk Defragmenter, Manage Services and User Accounts & Shares)
  • Role-based account access control: Control desktop permissions and privileged access management rights based upon segregation of responsibilities.
Figure 1 - Viewfinity's Elevate Privileges Capabilities
Figure 1
Source: Viewfinity

Viewfinity Privilege Management can be implemented through our SaaS platform or via your on-premise servers, or as an extension to Group Policy, enabling policies to be managed through the standard Group Policy Management tools.

Viewfinity offers the following Privilege Management features:

Granular Level Control

Through the use of automated policy settings, corporate guidelines can be established and applied for multiple dimensions of configurable, logical groupings: departments, applications, end users, connectivity status, time of day and more. Our automated policies, combined with our Privilege Management features, offer a flexible yet secure approach to ensuring all your laptops and desktops automatically adhere to your corporate regulations. Viewfinity also supports an organization's compliance needs as they relate to USGCB (updated FDCC), PCI Compliance and SOX, as well as other desktop-level control procedures.

By leveraging encapsulation, Viewfinity's privilege management features provide application-level control and policy customization on the desktop. Many policies that formerly required complete lockdown can now be enforced without creating excessive limitations on the end user machine.

Figure 2 - Example of granular-level elevation control for ActiveX
Figure 2
Source: Viewfinity

Automatic Propagation of Privilege Elevation

All elevation rules are applied in a real time and do not require users to cycle through the log on process. Viewfinity doesn't require desktops to be part of the domain or to be attached to the corporate network in order for privilege elevation policies to be delivered. Reports can be used to monitor the status of polices being applied.

Support for Mobile Workers

Viewfinity does not require laptops or desktops to be part of the Active Directory domain or to be directly connected to the corporate network in order to activate policies that manage administrator privileges. As soon as the PC connects to the internet, Viewfinity delivers the policies and rules established by the IT Administrator. Once delivered, all policies continue to be enforced even while working offline.

Intelligent Reporting through Policy Auditing

To ensure compliance, Viewfinity has built-in audit reporting that provides automated confirmation of delivery and enforcement of policies. Viewfinity provides detailed reporting on all administrator privilege policies, including an audit trail report that provides confirmation that a policy has been delivered and activated on endpoint devices. This includes validation of policy delivery to mobile and remote users, single or group of computers and/or for a specific application.

Figure 3 - Viewfinity Policy Audit and Validation Reports
Figure 3
Source: Viewfinity

Policy Management: Automating Compliance Policies

An effective privilege management tool allows policies to be designed and enforced in a way that achieves the objectives of the company without creating unnecessary restrictions on the end user. Viewfinity offers automated policy management that can be customized to meet the needs of any organization. From automated laptop and desktop power down and pre-scheduled logoff policies, to any capabilities that require IT administrators to centrally control the operation of laptops and desktops automatically, our policy management can be flexibly configured to support your environment.

Corporate Compliance Adherence

Management sets forth regulatory and corporate compliance objectives based on the risks and requirements of the business, and IT is responsible for enforcing these objectives through rules and policies. IT is also responsible for ensuring compliance with software licensing agreements, even on machines that are frequently outside of the corporate network. Due to limitations in available compliance tools, enforcement tactics are often overly restrictive at the desktop-level in order to meet all compliance objectives set forth by the company. Viewfinity supports an organization's compliance needs as they relate to USGCB (updated FDCC), PCI Compliance, SOX and HIPAA.

Viewfinity Support for Delegated Security

Viewfinity products provide delegated management control to support the needs of your various IT roles and staff members. The primary Viewfinity Administrator account has authorization to manage all computers in the organization. This primary account can create separate computer subsets based on departments, regions, and other criteria and assign management control of these subsets to specific individuals. Each subset administrator can deploy agents, apply policies, and report on computers which fall under his/her management.

Viewfinity products provide delegated management control to support the needs of your various IT roles and staff members. The primary Viewfinity Administrator account has authorization to manage all computers in the organization. This primary account can create separate computer subsets based on departments, regions, and other criteria and assign management control of these subsets to specific individuals. Each subset administrator can deploy agents, apply policies, and report on computers which fall under his/her management.

Viewfinity supports two levels of system management accounts. Full control system management accounts have complete access to product features such as the ability to create, stop, start, and modify policies; deploy agents and monitor activity. Read only accounts are targeted for subset administrators which require “review only access” including activities such as viewing reports and monitoring policy and asset management reports, reviewing computer connectivity status, etc.

Return to Home