A PAM Innovation Story: How Privilege Management for… | BeyondTrust

In 2023, cyberattacks are as prevalent and costly as ever. In their 2022 Cost of a Data Breach report, IBM Security reported that 83% of organizations have experienced multiple data breaches between March of 2021 and March of 2022. The report further states that it takes an average $4.35 million and 277 days to identify and contain a breach.

The critical importance of endpoint security for threat mitigation is why BeyondTrust invests heavily to constantly innovate in Privilege Management for Windows and Mac. We monitor the latest vulnerabilities and attack vectors, and we leverage these insights to continuously innovate Privilege Management for Windows and Mac with new features and enhancements that can help our customers protect their organizations.

In this privileged access management (PAM) innovation series of blogs, we explore how BeyondTrust’s constant innovation helps Privilege Management for Windows and Mac customers secure their endpoints, reduce their attack surfaces, and protect their organizations against threat actors of all shapes, sizes, and creativity levels. Let’s explore our latest release: Privilege Management for Windows and Mac 23.2.

Introducing Privilege Management for Windows and Mac 23.2

BeyondTrust is pleased to announce the availability of Privilege Management for Windows and Mac release 23.2. Our second release of this product for 2023 includes new features and enhancements that will further reduce the complexities that come with managing privileges and endpoints in an estate of any size.

Read on to learn about our new features—like computer duplication filtering, which removes annoying duplicate computer names from your computer list, and event details in Analytics v2, which provides you with fine-grained details of your users’ privileged events.

Endpoint Connection Status (New Feature)

When managing a complex IT estate, smooth endpoint management becomes critical. It’s vital to understand the connection status of your endpoints to your endpoint privilege management agent. If an endpoint becomes disconnected from its endpoint manager, it cannot receive policy updates, and its activity will not be visible through reporting or auditing functionalities. This can cause a headache for IT and security teams, and it can lead to security gaps and vulnerabilities, jeopardizing an organization’s security and compliance.

In release 23.2, we’ve introduced endpoint connection statuses. Now, on the homepage of the Privilege Management Console, Privilege Management for Windows and Mac’s control panel, you’ll see a “Computer Status Summary” section. This shows the total number of computers in your estate, the number of those computers that are connected to Privilege Management, and the number that are disconnected.

The connection status of each individual computer can be seen in the “Computers” tab along with the number of days disconnected for those computers that are disconnected from Privilege Management.

In the “Computer Settings” section of the “Settings” tab, you can customize the number of days that a computer needs to be disconnected from the Privilege Management Console in order for its status to change to disconnected.

With endpoint connection statuses, organizations now have a convenient, real-time way to monitor the connection status of all the endpoints in their estates. This visibility enables quick detection of disconnected endpoints and a fast path to remediation so organizations can continue to minimize their attack surfaces and maintain compliance.

Event Details in Analytics v2 (Beta Feature)

Last year, in release 22.10, we introduced the first stage of Analytics v2, an upgraded beta version of the analytics functionality within Privilege Management for Windows and Mac. Analytics v2 represents a step change in the reporting power that Privilege Management for Windows and Mac offers. Built on entirely new technology, it will empower your organization to better monitor, understand, and react to your users’ behavior to keep your estate safe. In release 23.2, we’re introducing new functionality to the Analytics v2 beta that will enable you to dig deeper into the details of each event captured by Privilege Management for Windows and Mac.

Now, when viewing the events list in Analytics v2, you can select an event to view its details. This will show all the information that Privilege Management has captured for that individual event, such as application, publisher, version, hash (SHA-1), and much more. This new feature will give you easy access to the fine-grained details of your users’ privileged events, allowing you to more closely monitor your estate and address potential vulnerabilities even faster.

Analytics v2 is built on entirely new technology, which provides improved scale and performance, so you can get the data and insights you need to monitor your estate and improve your least privilege posture fast. The full release of Analytics v2 is on the roadmap for mid-2023.

Computer Duplication Filtering (New Feature)

When managing a complex organization, the list of computers in your estate can get messy fast. Duplicate computer names make it difficult to find recently created computers, adding to the complexity of managing your endpoints. In release 23.2, we’re introducing a “Show Computers with Duplicate Names” switch at the top of the computer list. By default, this switch will be set to “OFF,” and duplicate computer names will be removed from the computer list, showing you only the computers that were most recently connected, in the case of a duplicate. When switched “ON,” you will be able to see all computers, including duplicates.

This new feature will help you clean up your computer list, filtering out duplicates and allowing you to quickly find the computers you need.

Windows Server Core Support (Enhancement)

With release 23.2, Privilege Management for Windows and Mac now fully supports Windows Server Core operating system. By expanding the list of supported operating systems, organizations will now be able to fully achieve least privilege across their Windows server deployments and have the flexibility to run the operating system that best fits their needs.

Next Steps: How to Start Leveraging the Improved Security and Productivity Benefits across your Windows & macOS Estate

BeyondTrust is constantly innovating Privilege Management for Windows and Mac to help our customers improve their privilege management and endpoint security, and protect their organizations from constantly evolving cyberthreats. Privilege Management for Windows and Mac enables you to achieve and dynamically enforce the principle of least privilege while improving end user productivity and administrator workflows. The new features and enhancements introduced in release 23.2 are wholly dedicated to reducing the complexity associated with managing a diverse Windows and macOS estate and streamlining your operations.

If you are ready to learn more about the best solution for achieving and dynamically enforcing proven endpoint security policies, like least privilege, contact us today! Or, if you are already a BeyondTrust Privilege Management for Windows and Mac customer, here’s how you can get started with version 23.2.

Be sure to stay tuned to our PAM Innovation Series to keep up-to-date as we continue to make the feature updates and enhancements that matter most to our users!