Application Layering solutions offer a streamlined approach to application delivery. In its truest form you can enable users to install applications that are decoupled from the base image and you can distribute an Application(s) as seamless layers to a group of users.
The native approach that the latest application layering techniques leverage equate to a high level of compatibility. There is just one big problem with Application Layering, a gaping security hole.
When you grant users the right to install applications you need to elevate those same users to Admin or use a User Rights solution to selectively elevate rights in a secure manner. The need also arises if an Standard User needs local Admin rights to run an application – whether installed by a user or for a department by an administrator.
So what is the big deal? Here are just few of the reasons that making users local Admins are a big risk!
1) Local Admin users can install viruses intentionally or accidentally. Spyware can start to run rampant, opening more security holes and consuming precious CPU and resources.
2) Local Admin users can install unauthorized and unapproved applications. Ready for a software licensing audit?
3) Users can install pirated software. Again, ready for a software licensing audit?
4) Local Admin users have full system registry access and can muck up their machines.
Many organizations such as financial institutions, healthcare, and government tend to value security over all else. For these organizations, Application Layering that opens such a big security risk is a non-starter.
Secure User Rights is a big problem but we also solved it when we built our Application Layering (FlexApp) features in ProfileUnity. We include User Rights features in the form of our Application Rights Management capabilities. This technology set securely elevates Standard Users’ rights without opening up a gaping security hole in your desktop infrastructure.
All Application Layering solutions are not created equal and have not solved this big problem. What’s even more interesting is that some have gone on record that they don’t intend to solve this security risk!
The good news is that if you’ve found yourself with an Application Layering solution that leaves this security gap wide open, you can solve this challenge with ProfileUnity’s Application Rights Management features or with another third party solution User Rights tool (that may cost much more than ProfileUnity’s integrated solution).
However, you can avoid this altogether if you choose carefully. Choose ProfileUnity and you’ll get Application Layering from a leader in the industry with full User Environment Management and Application Rights Management built-in!