Call a Specialist Today! 800-886-5369

BeyondTrust PowerBroker for Mac
Least Privilege Management for Mac OS X


BeyondTrust Products
PowerBroker for Mac License
PowerBroker for Mac License, 1-499 Users
#PBMAC-LIC(1-499)
Contact us for pricing!
PowerBroker for Mac License, 500-999 Users
#PBMAC-LIC(500-999)
Contact us for pricing!
PowerBroker for Mac License, 1000-2499 Users
#PBMAC-LIC(1000-2499)
Contact us for pricing!

Click here to jump to more pricing!

Overview:

Typically, every Mac user receives local administrator access or knows the administrator account password by default. This can create serious security, compliance and operational challenges for desktop and operations teams. Given the proliferation of corporate-supported Macs and Bring Your Own Device (BYOD) programs, it’s clear that IT organizations face a growing problem. Until now, there has been no effective or efficient solution to address the problem of OS X users with excessive privileges.

How can IT organizations efficiently remove Mac administrator rights and enforce least privilege in order to maintain security best practices while meeting compliance and regulatory mandates?

Least Privilege and Application Control for Mac OS X

BeyondTrust PowerBroker for Mac reduces the risk of privilege misuse by enabling standard users on Mac OS X to perform administrative tasks successfully without entering elevated credentials. With PowerBroker for Mac, IT organizations simplify the enforcement of least-privilege policies, close security gaps, improve operational efficiency and achieve compliance objectives faster.

  • Eliminate admin rights from Mac users without revealing the administrator account, reducing risk and potentially stopping modern OS X threats
  • Elevate privileges only when needed, maintaining user productivity and IT operational efficiency without compromising security
  • Log, audit and report on activities that occur when privileged access is granted to applications, helping to address compliance requirements
  • Make smarter and better decisions to reduce risk by providing better user and asset intelligence across multiple platforms

PowerBroker for Mac complements BeyondTrust's least privilege solutions for Unix, Linux and Windows using the PowerBroker Privileged Access Management Platform.

The BeyondInsight Platform for Unified Asset and User Risk Intelligence

PowerBroker for Mac is part of the BeyondInsight IT Risk Management Platform, which unifies PowerBroker privileged account management solutions with Retina CS Enterprise Vulnerability Management. Capabilities include:

  • Centralized solution management and control via common dashboards
  • Asset discovery, profiling and grouping
  • Reporting and analytics
  • Workflow and ticketing
  • Data sharing between Retina and PowerBroker solutions

The result is a fusion of user and asset intelligence that allows IT and security teams to collectively reduce risk across complex environments.

Highlights:


Least Privilege Made Simple


Least-Privilege Made Simple

Monitor application launches on Apple Mac, Macbook, Macbook Pro, Macbook Air, or Xserve and elevate them to the proper permissions without prompting for administrator credentials. Log rule interactions for complete visibility.

Policy Editor Enhances Productivity


Policy Editor Enhances Productivity

Minimize the number of products needed to perform least privilege across all endpoints through the PowerBroker Policy Editor. Enhance productivity by providing the same user experience for both Windows and Mac operating systems.

Extensive Rule Library Speeds Results


Extensive Rule Library Speeds Results

Reduce risk on OS X assets immediately with rules for more than 40 of the most popular applications that require privileges from Microsoft, Adobe, Apple, and VMware. Define custom rules based on application and path, or Shell Rule. Centrally manage all policies via web services or the PowerBroker PAM platform or hosted locally for air-gapped implementations.

Least Privilege in Heterogeneous Environments


Least Privilege in Heterogeneous Environments

Utilize PowerBroker as a single platform to manage least privilege across Windows, Mac, Unix and Linux environments.

Features and Benefits:

Least Privilege for Mac Desktops

  • Allow Admin access where needed: Default all Mac users to standard privileges, while enabling elevated privileges for specific applications and tasks without requiring full administrative credentials.
  • Block malicious activity: Enforce restrictions on software installation, usage and OS configuration changes.

Policy Management

  • Flexible policies: Create privileged identity policies to selectively target applications, installers, auto updates, and system preferences for application-based elevation. Deploy hosting policies via web services for PowerBroker for Mac clients (as well as PowerBroker for Windows clients).
  • Single policy across multiple environments: Enable a single policy to manage privileged applications and Windows guests for OS X users of BootCamp, VMware Fusion, Parallels, or Virtual Box for complete management of multi-operating system asset implementations.
  • Smart rules: Match applications to rules automatically based on asset based policies. Leverage smart rules for alerting and grouping of OS X devices and events.

Reporting & Analytics

  • Automatic logging for visibility: Log all privileged events automatically for complete visibility and reporting through web services hosted on the unified BeyondInsight IT Risk Management platform.
  • Extensive reporting: Deliver dedicated asset views for asset inventory and privilege event detection and elevation.
  • Understand and communicate risk: Leverage an interactive, role-based reporting and analytics console, backed by a centralized data warehouse for ongoing audits of privilege management activities.

Maximum Efficiency

  • Simplify the user experience: Eliminate the need for end users to require two accounts, or administrative credentials, to perform privileged tasks.
  • Ensure adoption and usability: Provide a modern, easy-to-use interface for end-users, plus an innovative dashboard for solution owners.

How It Works:

How It Works

Use Cases:

Reducing Mac End User Risks with PowerBroker for Mac

  1. Enforce Least Privilege on Mac
    Macs in the enterprise have gained popularity in recent years. And while there are tools available to assist with security, those tools haven’t kept pace with the needs this increased use and the resulting threats pose. PowerBroker for Mac is the only graphical software to control application privileges on Mac platforms, without necessitating privileged accounts or sudo.

  2. Ensure Consistent Policy Across Platforms
    BeyondTrust has provided security and management solutions for Windows, Unix and Linux platforms for years. PowerBroker for Mac extends security and acceptable use policies to Mac clients, effectively supporting organizations with heterogeneous infrastructure. This ensures consistency and reduces management requirements, saving time and resources.

Screenshots:


Combined Dashboard
Combined Dashboard

Tab in Dashboard
Tab in Dashboard

Policy Editor
Policy Editor

Rule Editor: Path Rule, Authorize as Admin
Rule Editor: Path Rule, Authorize as Admin

Rule Editor: Path Rule, Run as Root
Rule Editor: Path Rule, Run as Root

Rule Editor: Shell Rule, Authorize as Admin
Rule Editor: Shell Rule, Authorize as Admin

Rule Editor: Shell Rule, Run as Root
Rule Editor: Shell Rule, Run as Root
Settings: Management
Settings: Management
Settings: Security Driver
Settings: Security Driver

Documentation:

Download the BeyondTrust PowerBroker for Mac Datasheet (.PDF)

 

PowerBroker for Mac License, 1-499 Users
#PBMAC-LIC(1-499)
Contact us for pricing!
PowerBroker for Mac License, 500-999 Users
#PBMAC-LIC(500-999)
Contact us for pricing!
PowerBroker for Mac License, 1000-2499 Users
#PBMAC-LIC(1000-2499)
Contact us for pricing!
PowerBroker for Mac License, 2500-4999 Users
#PBMAC-LIC(2500-4999)
Contact us for pricing!
PowerBroker for Mac License, 5000-9999 Users
#PBMAC-LIC(5000-9999)
Contact us for pricing!
PowerBroker for Mac Maintenance, 1-499 Users
#PBMAC-Maint(1-499)
Contact us for pricing!
PowerBroker for Mac Maintenance, 500-999 Users
#PBMAC-Maint(500-999)
Contact us for pricing!
PowerBroker for Mac Maintenance, 1000-2499 Users
#PBMAC-Maint(1000-2499)
Contact us for pricing!
PowerBroker for Mac Maintenance, 2500-4999 Users
#PBMAC-Maint(2500-4999)
Contact us for pricing!
PowerBroker for Mac Maintenance, 5000-9999 Users
#PBMAC-Maint(5000-9999)
Contact us for pricing!