Rapidly-growing UK security firm Avecto has announced a major contract with the Swiss arm of consultancy PwC that will see the firm's Privilege Guard security platform installed to manage 3,500 laptop users.
PwC Switzerland decided to adopt the system to restrict and manage user privileges as part of a Windows 7 migration project that also had to accommodate a large percentage of employees who move between locations.
Privilege Guard will be used by PwC's 65-strong IT team to limit the issue of Windows admin privileges needed by many older applications to function correctly. The danger is that admin privileges are also abused by malware and, potentially, by users tying to install non-approved software.
PwC already uses anti-virus, laptop whole disk encryption and "aggressive" patching to secure its mobile workforce.
"Avecto's Privilege Guard fitted the bill perfectly in terms of keeping user desktops flexible and customizable, while at the same time guaranteeing secure access," said PwC Switzerland chief information security officer, Lee Barnet.
"It allowed us to remove default administrator privileges from all users and processes, using elevation on demand to assign rights when required. This approach allows us to increase platform stability and reduce security risk."
When users asked for access to a resource or application requiring admin rights, they could now be given a customised message to smooth acceptance, he said. Using Avecto's system made it possible for the workforce to use applications with safer standard user privileges.
"Auditing was a particular area of focus for us as we wanted to be able to better package the applications that we offer staff to ensure that they meet with their personal needs. With Avecto, we have a much better view of which applications or software staff are installing on a regular basis."
In addition to the contract's size, gaining a foothold in PwC could pay off if other wings of the global firm adopt Privilege Guard.
Are admin rights that important from a security point of view? Not in all cases but more than enough that closing this layer of vulnerability cuts an organisation's risk.
An analysis by Avecto earlier this year noted that of the 147 most serious vulnerabilities reported in Microsoft products during 2013, 92 percent would have been mitigated by removing admin rights according to Microsoft's own assessment.
Avecto itself is an unusual company - a UK security success story that hasn't been bought. Last November's Deloitte Fast 50 competition rated it as the second fastest-growing tech company in the land.
Sign up for Computerworld eNewsletters.