Delinea Workstation Policy Framework Reduces Phishing Impact

Out-of-the-box policies can protect customers from the most common privileged access exploits on workstations 

San Francisco, CA — June 27, 2023 – Delinea, a leading provider of solutions that seamlessly extend Privileged Access Management (PAM), today announced the latest release of Privilege Manager, its solution for providing privilege elevation controls for users and applications on workstations. The latest enhancements significantly improve ease of use for customers by preconfiguring five of the most common privilege elevation policies through the Workstation Policy Framework to simplify implementation and accelerate time to value. 

The 2023 Verizon Data Breach Investigations Report found that phishing makes up 44% of all social engineering incidents. According to the U.S. Cybersecurity & Infrastructure Security Agency, 70% of attached files or links containing malware were not blocked by network border protection services, and 84% of employees took the bait within 10 minutes of receiving a malicious email. Using this method of attack, bad actors compromise the endpoint, elevate privileges, and move laterally within the network to find data and exfiltrate it.  

Without the appropriate privileged access controls in place on workstations, organizations are susceptible to phishing, even with other security solutions in place. Privilege elevation policies must be set for users and applications to better protect against malware that could be delivered through phishing scams.  

Simplified workstation privileged access policies lead to better security and less friction 

Privilege Manager enforces just-enough privileges to support approved business activities while blocking or restricting privileges that malware could exploit. This approach reduces friction and enables productivity while simultaneously optimizing security.  

Based on Delinea’s deep expertise and customer feedback, the new Workstation Policy Framework includes five of the most common policies to help customers quickly build a foundation for privileged access controls and create a baseline of security on Windows and Mac workstations without disrupting user productivity. Existing customers can compare their policies with the framework and introduce those that may be missing in their environments. 

The five preconfigured policies included are: 

1. Malware Attack Protection   
   This policy prevents Living Off the Land Binaries and Scripts (LOLBAS) attacks from being executed by commonly exploited parent applications. LOLBAS is a method of attack that misuses tools and executables that are already in place because they are part of the Operating System. 
2. Allow Microsoft Signed Security Catalog    
   This policy allows Microsoft-signed security catalog application installers to run. It can be combined with blocklist policies to prevent legitimate Operating System applications from being blocked.   
3. Software Development Tools  
   This policy targets common software development solution system processes, including child processes, and minimizes delays caused by requesting privilege elevation.  
4. Visual Studio Installers 
   This policy pre-approves and silently elevates four defined Microsoft Visual Studio installers.    
   
5. Capture Application Elevation Attempts                                                                                                          
   This policy targets non-Microsoft applications that trigger a UAC prompt and sends policy feedback to evaluate policy adjustments that can allow, elevate, or block applications. 

 Effective protection against malicious code impacts developers and IT administrative tools   

Another major enhancement in this release provides granular control over the ability to add, modify or delete users on workstations through PowerShell, even in PowerShell sessions with fully elevated privileges. This reduces the risk of developers and IT administrators abusing PowerShell’s capabilities and can lessen the impact of malicious code and ransomware. Such granular control of add, modify, and delete operations also significantly reduces the risk of lateral movement by a bad actor.  

“Security solutions are only valuable if they are usable and don’t compromise business productivity,” said Dmitriy Ayrapetov, Vice President of Product Management at Delinea. “Our mission is to make security seamless and with this release of Privilege Manager, which leverages customer feedback, users can enjoy easier policy management, better security, and less friction for an accelerated time to value with our solution.” 

Additional updates in this release include the flexibility to allow workstation users to control firewall settings and accessibility improvements in the user interface. 

Organizations can start a free trial of the latest version of Privilege Manager at https://delinea.com/products/privilege-manager. 

About Delinea 
Delinea is a leading provider of Privileged Access Management (PAM) solutions for the modern, hybrid enterprise. The Delinea Platform seamlessly extends PAM by providing authorization for all identities, granting access to an organization’s most critical hybrid cloud infrastructure and sensitive data to help reduce risk, ensure compliance, and simplify security. Delinea removes complexity and defines the boundaries of access for thousands of customers worldwide. Our customers range from small businesses to the world's largest financial institutions, intelligence agencies, and critical infrastructure companies. Learn more about Delinea on LinkedIn, Twitter, and YouTube. 

© Delinea Inc. (formerly Centrify Corporation) 2023. Delinea™ is a trademark of Delinea Inc. All other trademarks are property of their respective owners.