Optus has used a privilege management software tool to reduce the number of PCs with admin rights.
Speaking at the Gartner Security & Risk Management Summit in Sydney, Optus end user technology designer/architect Alex Davis told delegates that the telco manages approximately 15,000 PCs.
It has a locked down operating environment running Windows 7.
“We have a very broad range of users. This ranges from customer service reps through to field engineers who are out of the office for a month at a time,” Davis said.
The challenge in the end user space is maintaining a degree of control and ensuring that licensing is compliant.
“We want to try and reduce the risk of having unapproved tools and malware outbreaks. Users who wanted unrestricted PCs would rebuild their assets with a different operating system,” Davis said.
His team wanted to try and address end users that needed solutions that the telco's standard operating environment (SOE) couldn’t deliver.
Five years ago when Optus started its upgrade from XP to Windows 7, it we took the opportunity to address the issue.
According to Davis, it identified that 18 per cent of the SOE fleet had admin rights.
However this changed after it implemented BeyondTrust’s PowerBroker client. There are now only 138 PCs with admin rights.
He said that the software has allowed Optus to be flexible and give users with non-standard software requirements what they need.
“We can answer the questions that business gives us in a timely manner,” Davis said.
“We have a much better understanding of our end users and there isn’t a justification for admin rights.”
Looking to the future, Davis said he wants better reporting and logging of PCs.
“As far as our SOE fleet, we are way ahead of where we thought we could be. Our users are very happy that we can give them what they need.”
Follow Hamish Barwick on Twitter: @HamishBarwick