Privilege Guard watches those who watch over the network

Most government organizations rely on some form of privilege management on their networks. This prevents the average user from installing programs like the latest version of Flash, which might not be compatible with network resources. However, there is generally an administrator class in all of these setups that has access to everything.

They are charged with watching over all the users, but who watches the watchers?

Avecto is a company that specializes in privilege management. The latest 3.8 version of its signature product, Privilege Guard, takes a look at administrator access levels, allowing only enough control to let admins do their jobs, but not enough to accidentally mess up higher level or data center configurations.

For instance, its remote PowerShell Control feature provides system administrators secure management over remote desktops and servers, while ensuring that admins are restricted to running only authorized remote administration tasks. Another new feature is its granular control over Windows services, enabling a system administrator to stop and start specific services, while preventing unauthorized interaction with other services.

“Privilege management is fast becoming the foundation of a defense-in-depth security strategy for both desktops and servers, as it promotes the best practice of least privilege,” said Mark Austin, co-founder and CEO of Avecto.

The tool also comes with a Policy Automation API. It provides trusted administrators with the ability to automate the creation or update of policies through PowerShell, enabling integration with existing management systems, such as help desks and operations management.

Message Notifications for End Users is a service that enables discreet notifications to be displayed to users, for information purposes, where it isn’t necessary to seek consent before running or elevating an application.

Software Uninstall Support enables users to automatically uninstall software that they were approved to install, without requiring specific policies to be defined for uninstallation.

Finally, Drive Rule for Applications allows the targeting of applications based on the drive type from where they are executed, such as local fixed disks, network drives and removable media.

Privilege Guard 3.8 is available now.

About the Author

John Breeden II is a freelance technology writer for GCN.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected