Rewind, Revisit, Reinforce, Retain with OnDemand - Special Offer Available Now


To attend this webcast, login to your SANS Account or create your Account.

Saving Time and Resources Managing Administrator Rights with a Process-based Whitelist Model

  • Thursday, June 05, 2014 at 1:00 PM EDT (2014-06-05 17:00:00 UTC)
  • John Pescatore


  • Viewfinity

You can now attend the webcast using your mobile device!



In this WhatWorks analysis, John Pescatore examines a use case where end users had local administrative rights on their PCs and it had gotten out of hand for this Fortune 500 Energy and Utilities company. The compelling event that prompted the company to reexamine this situation was the migration to Windows 7. In Windows XP, a custom tool that allowed users one of three levels of administrative rights to their workstations would need to be replaced during the Windows 7 deployment. The workstation Architect spearheaded a search for a Privilege Management product. The Viewfinity solution he found allowed him to implement a process-based whitelist that supports a variety of more than 3,000 applications installed for business use and significantly decreased the manpower required to support user installation and privilege elevation requests. Local administrative rights have been removed and any user needs requiring administrative rights are handled automatically using the Viewfinity software ensuring we are always operating in a least risk environment.

The user in this case study served as the Workstation Architect for his company. In his role, he was responsible for all aspects of the project to migrate the company from Windows XP to Windows 7. This included leading the teams that gathered requirements, designed solutions and implemented the project corporate wide. Other responsibilities included oversight of the solutions for software packaging and delivery and the Citrix environment.

Speaker Bio

John Pescatore

John Pescatore joined SANS as director of emerging technologies in January 2013, bringing with him over 35 years of experience in computer, network and information security. Prior to SANS, he was Gartner's lead security analyst for more than 13 years, working with Global 5000 corporations, government agencies and major technology and service providers. In 2008, John was named one of the top 15 most influential people in security and has frequently testified before Congress on issues relating to cybersecurity.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.