Enforce privilege security on the end point without the negative impact of removing local administrator rights.
Local administrator rights create a large and frequently exploited attack surface, yet many organizations struggle with how to most effectively address this risk.
From the business user perspective, removing local administrator rights on endpoints can dramatically reduce the attack surface, but it can also result in unintended productivity tradeoffs and high help desk costs, as users attempt to regain privileges necessary for day-to-day tasks. From the IT administrator perspective, organizations often neglect to limit these privileges, as IT administrators are typically assumed to be known, experienced and trusted.
However, this view fails to acknowledge the risks associated with malicious insiders, inexperienced administrators or potentially compromised administrative accounts. Worse, even when organizations do minimize privileges for business users and IT administrators, machines can remain vulnerable to malware that does not require privileges to run.