BeyondTrust Endpoint Privilege Management Reviews

I have experience with BeyondTrust as a solution where I have deployed PasswordSafe, VRA, and other products in the portfolio. I have also contributed to POCs and demos since I am working as a solution architect for FDC. BeyondTrust has been one of our main products, and our team is certified with the BCI certification. 

We aim to take the solution effectively to the market and discuss it with management. From a use case perspective, if I'm talking about an end user who is looking for visibility and control over the organization's endpoints, it tests permissions and determines who has access to which solutions or assets. 

APM provides a platform to enhance visibility from Active Directory connections to peer control of their endpoints within the organization.

One of the challenges within an enterprise environment with 250 to 300 users is ensuring data security across multiple solutions. BeyondTrust Bot Pro, for example, offers privileged access solutions. 

Administrators need a tool that provides visibility and clarity about endpoint management within the organization. This addresses the issue of managing privileged users, which is crucial for any administrator or higher management team to control. 

Integration of PAM with other solutions is a key selling point. BeyondTrust is capable of integrating with platforms like Ping Identity, making it compatible with Android and ready for integrations.

I work with financials, communication companies, and other big companies in my country.

The first valuable feature is the stability of the solution. The appliance is stable, and I don't have many issues with backups or recovery. 

The user experience is good, and there are many preconfigured platforms. The platform has grown in the last year to provide more experience to customers. 

Another important aspect is the ability to move the solution to the cloud or install it on-premises, offering my customers flexibility.

We deploy it for customers as part of ISO 27001, 27701, and HITRUST. We do managed QMS. We go into a customer that is specifically under a GDPR or HIPAA mandate where they use HITRUST to implement it, and we act as their PRRC (person responsible for regulatory compliance). We do the hands-on configuration if they are not in compliance.

We have two customers who use Privileged Management Broker 2.23 and Cloud Privilege Broker 21.3. The PM is a hybrid deployment and CPB is on public cloud in Amazon.

The use cases are all in regulated environments that have GDPR and HIPAA medical data. That includes third-party host transfer of credentials and entitlement across multi-cloud infrastructure. The latter is specifically in a medical environment where multiple clinics are acting under a single medical provider. Or it's a GDPR situation where we act as a PRRC for a company that is highly regulated in GDPR with a multi-country presence.

One of our customers has a branch in Toronto so they fall under a multi-regulatory scheme. That's where the multi-cloud infrastructure and the ability to visualize via the dashboard come in handy. That's why the product is useful for us. It gives us a centralized dashboard both for the Privileged Management and the Cloud Privilege Broker. That's why it was chosen.

In addition, de-provisioning of privileged access accounts can be done in minutes. If we need to de-provision someone, we can do it really quickly. And with Endpoint Privilege Management, admin rights can be granted and revoked within minutes. For us, everything comes down to that. The ability to revoke rights is one of the ISO mandates.

Overall, Endpoint Privilege Management provides an immense increase in security, as our 27001 reports indicate.

We have around 700 assets on-premise and more than 500 assets on the cloud. We have many vendors all over the world. We have 200 people in the IT department. Everyone has to go through the solution to access and manage servers. We can access the assets through BeyondTrust regardless of where we are in the world.

The product is secure. It has a separate PAM portal where we can put all the passwords. It has a secure and isolated LAN. We are using it to log in to the servers.

I find the comprehensive Privilege Access Management features valuable, including automation, and the ability to integrate with applications and the Windows operating system.

The weaknesses are related to the effort required to migrate from existing technologies or having no Privilege Access Management (PAM) at all to adopting technologies like BeyondTrust. It involves changes in processes and can take a significant amount of time, typically six to twelve months.

We use it primarily for Jamf Pro. Most of our users who use Jamf Pro are on Mac. We work on artificial intelligence and machine learning, specifically for the military and healthcare sectors. We have developers and many DevOps professionals who use MacBooks. We manage Jamf Connect and Jamf Pro, and since developers need admin access on their MacBooks to execute code and perform coding tasks, we can't give full admin access to everyone in the company. 

We use EPM (Endpoint Privilege Management) as the agent, which communicates with the server and is deployed on the machines. The agent follows specific rules defined on the server. Users on Mac can only use these 100 specified commands. Anything beyond those commands won't work. 

We provide limited privileges, such as changing Wi-Fi or network settings, but users cannot create admin accounts on the machine. However, as an administrator, I can create admin accounts using EPM. But we have restricted that option in APM (Application Privilege Management). If you have admin access, you can create an admin account, but it will automatically be downgraded to a standard account. These are the situations we have implemented using EPM.

The most valuable features are the development tools. We use them for coding, such as VS Code, iTerm, and Brew. These activities often require sudo access to execute the code. So, we have granted sudo access to standard users through EPM.

I was part of the project, I collaborated with a Privileged Access Management consultant and incorporated it with their existing password safe from BeyondTrust. This allowed for a comprehensive approach to security within the designated area of focus.

When it comes to FSO security, a prevalent objective is the removal of admin rights for users and many security teams aim to transition users from admin to standard status, even while ensuring the seamless operation of critical business applications. Challenges arise as some users find it difficult to complete their tasks without admin rights. Avecto Defendpoint addresses this by allowing specific business applications to run with elevated privileges through the Advantage Token. Striking a balance, it empowers users in standard mode to run essential business applications with the necessary admin rights, while maintaining a secure posture.

We are using it in our organization for whitelisting a set of applications. In addition, we provide access in terms of access rules from low flexibility to higher flexibility. We also have various other use cases.

It is a cloud product. It is completely on BeyondTrust's cloud. They're using some cloud product, and we're just accessing the console from our end. We haven't deployed it on our cloud provider.

In terms of the version, the client version is 21.7, and the adapter version is 21.8. That's the latest one that we are testing right now.

It is helpful for security. We have thousands of applications and a lot of users who are using these applications. We don't have to provide each and every user admin rights to install those applications. We can just whitelist those applications and provide them to the users. We don't have to provide admin rights to the users, which makes it secure because once the users have admin rights, they can do anything on their devices. We don't have to provide them with admin rights just for installation purposes. We can just whitelist those applications in the environment, and we're good.

It is very important that we can add events straight from event logs and/or the database. Those logs are used for creating rules.

It allows us to elevate approved applications and actions without broad admin rights. It reduces the support tickets because a user is able to use applications without any problems.

It has reduced the tickets for application installation. We don't get any tickets because an application first gets analyzed and only then gets deployed in the production environment. So, if there is any issue regarding the deployment of an application, it gets sorted out initially, and we don't get any support tickets related to that. It has reduced the support tickets from the end-user perspective.

By reducing the number of tickets, it has reduced desktop support costs. From the application perspective, whitelisting and other things are handled remotely once, which reduces the support tickets. When the support tickets are reduced, the workforce required to attend to and resolve those issues is also reduced. The cost savings depend on the number of applications you have in your environment and the number of users you are dealing with. 

It provides a single solution for managing endpoint security preferences. Its impact on our endpoint management operations is good. We don't have to provide admin rights to all the users. It has increased the security of the environment, and it has reduced the exposure score from the vulnerability perspective. It is a very good solution. It has improved our security posture.