Simarks BestSafe

Simarks™ BestSafe™ is a tool focused on privilege management for any Microsoft Windows operating system version and edition running on any workstation, desktop, laptop or server running on any physical, portable or virtualized hardware.

The main goal of BestSafe™ is to allow administrators to assign any application/process the security context it has to be executed with, no matter which user credentials it was created with. However, BestSafe™ also offers complete support for traditional per user privilege management.

Simarks™ uses a unique privilege management patented technology allowing companies to implement the Principle of Least Privilege (POLP) and offering a real possibility to have ZERO administrators without affecting productivity.

This approach allows users to work with their endpoints under their “standard user” account while performing administration tasks, like running applications that need elevated privileges (perhaps to change power settings, add hardware, etc.), only when it is needed and when IT has granted them permissions to do so. BestSafe™ gives IT and Security departments full control on whom, when and how these actions are performed.

Very often companies try to implement POLP (Principle of Least Privilege). POLP is the practice of limiting the access a user has to the minimum level that is required for normal functioning. Applied to employees, POLP translates to “give people the lowest level of rights they can have and still do their job”.
When organizations try to implement POLP, it collides with other initiatives that have got more priority and impact on financial and economic terms, making it almost impossible to apply POLP at an organization-wide level.

Organizations have to make a decision based on financial terms, security risks, employee productivity and overall operational effectiveness as a result of POLP’s application. Most organizations make the hard decision to allow users to work with their desktops, laptops or workstations under an administrator account. That decision puts the company in a very risky situation by being unprotected against any form of malware and allowing users to make an inappropriate use of their corporate desktops. Even when the users are making a good judgement, malware is still there as a threat.

IT loses control on whom, when and how to deploy any corporate or non-corporate software on the company’s workstation and rely only on the antivirus to protect endpoints against any form of malware, advanced threat or targeted attacks.

Traditional Privilege Management tools are focused on limiting the time an account may have administration rights and manage when, where, and who can use that account. However, once the account is granted administrator rights and the employee uses it to log on to the machine, every process thereon will also have administrator rights.
With BestSafe™ companies can go further and, besides assigning privileges at a user level, it can assign privileges at application/process level.

Short list of BestSafe™ functionalities:
- Security at application/process Level.
     - Execute applications/process with elevated privileges regardless the credentials of the account under it is executed. (Green Listing).
     - Execute internet aware applications (mail clients, browsers, ...) with restricted privileges regardless the credentials of the account under it is executed. (Ambar Listing).
     - Block certain applications/processes matching rule criteria. (Red Listing).
- Security at user/account level.
- Local privileged accounts password management.
- Local group membership management.
- Exclusive anti-ransomware system.
     - Real time cryptographic operations control.
     - Deny per application/process access to the network.
     - Deny per application/process access protected folders.
- Real Time per application/process monitoring.
     - Cryptographic operations.
     - Process creation.
     - Network connections.
     - File and Registry access.
     - Per operation query to AI/SOC for action to be performed.
- Exhaustive Remote Machine Control.
- Emergency Actions.
- Application use statistics.
- SIEM integration and Reporting.