Remove local administrator accounts.
Enforce least privilege.

Discover local admin accounts - FRee
download overview

Privileged Endpoint Management

Reduce risk by removing local administrator accounts
and reduce IT help desk load

What is Privileged Endpoint Management?

Privileged Endpoint Management, or PEM, removes the need for local administrator accounts from the computers that every worker has access to every day. Traditionally this has prevented users from doing their work or caused increased workload for IT help desks.
PEM allows organisations to remove local administrator rights from users, while at the same time enabling them to have escalated privileges only for specific processes and executables. The balance tips back towards productivity while increasing the organisation’s security posture.

privileged endpoint management

Common challenges facing IT and Security teams

Local admin rish

Local admin accounts risk

Local administrator accounts were often created to reduce the number of calls to the IT help desk or because some previous user needed an administrator role. But these accounts are very risky: they could allow installation of malware or be used by an attacker to gain access to the corporate network.

local admin risk 1

Users install uncontrolled applications

A common reason for granting local admin rights is to allow installation or update of applications. But IT loses control over which applications or versions are being used. Potentially malware-infected apps or unlicensed software could be installed.

local admin risk

Help desks are overwhelmed

Removing local admin accounts generates increased help desk calls. For example, when a user needs to install some software to do their job, they'll call the help desk. Any delay leads to loss of productivity and end-user dis-satisfaction.

The Osirium PEM solution

remove local admin accounts

Remove local admin accounts

Local administrator accounts are highly valued by attackers so removing them as part of a "least privilege" strategy dramatically reduces the potential attack entry points.

learning mode accelerates implementation

Learning mode accelerates implementation

Running PEM in "learning mode" before enforcing control ensures that most applications that users actually need will be pre-approved avoiding the need for calls to the help desk. If additional applications are needed, a request to the help desk will have it added to a policy so there won't be a need for the request to be repeated.

reduce IT load

Reduce the load on IT

Overall, IT have fewer requests for application installs or updates, they have audit trails of which applications are run with elevated privileges and end-users have a better experience.

Business benefits

Reduce Risk

  • Elevate only approved applications
  • Applications are elevated, not users
  • Audit trail of elevated applications

Simple to manage

  • PEM is focused on managing application elevation
  • Learning mode builds a list of applications to approve before starting enforcement

Easy for end-users

  • Accessed as usual via the application context menu
  • Request application approval via normal help desk processes

See PEM in Action

Prevent safemode reboot ransomware attacks with PEM
Preventing ransomware migrating to critical systems
PEM Overview
Using PEM to install Visual Studio Plug-in safely
Remove local admin accounts to improve security

An overview of Privileged Endpoint Management

Read this short whitepaper to see how PEM can improve endpoint security and IT help desk load.

Read the Overview
Talk to an expert

Related resources

Free tool - Discover your local admin accounts

Talk to an expert

PEM, a technical Introduction

A video tour of PEM

Privileged Endpoint Management Datasheet

Osirium PEM  Documentation