AutoProf Changes Name to DesktopStandard Corp.

AutoProf, an eight-year-old company that makes products extending Microsoft Group Policy, is changing its company name to DesktopStandard Corp. The new name reflects a shift in emphasis at the New Hampshire-based company that has been visible in the company's product releases since late 2003.

AutoProf started in 1997 with technology to centralize Outlook mail profiles to allow users to log into any workstation in an enterprise and see their own mail. This automated profiling technology, which developed into the product ProfileMaker, was the basis for the AutoProf company name.

With the introduction of Microsoft's Group Policy technology in the Windows 2000 Active Directory, AutoProf saw a more powerful way to accomplish automated profiling and more advanced functions of enterprise desktop standardization.

In late 2003, AutoProf delivered its first product focused on extending Group Policy, called Policy Maker Professional. The product was later renamed PolicyMaker Standard Edition, which includes 22 Group Policy extensions -- double the number native to Windows 2000 and Windows XP. The company expanded the product line with PolicyMaker Software Update, which integrates a patch management framework into Group Policy, and a free tool called PolicyMaker Registry Extension.

Kevin Sullivan, product manager for PolicyMaker, says the company spent the past year proving the concept of Group Policy extensibility. "As we've grown, and as Microsoft's enterprises have grown, the idea of enterprise desktop management is absolutely critical," Sullivan says. "It's not really about automated profile management anymore. DesktopStandard sort of sums up what we do."

ProfileMaker still makes up a large percentage of DesktopStandard's sales, but less now than PolicyMaker as Active Directory deployments become more common. Still, underscoring the company's emphasis on Group Policy-based management, the company's news release makes no mention of the ProfileMaker product line.

New Product Helps Enforce Security Principle of 'Least Privilege'

This week, DesktopStandard expanded the PolicyMaker line further with a new tool designed to remove some of the hurdles that prevent organizations from adhering to the security principle of "least privilege."

In theory, "least privilege" sounds good -- a user should always run applications with the absolute minimum level of privileges necessary, thus minimizing the damage an attacker can inflict when he breaks into the user's system.

In practice, a combination of factors make it extremely difficult for administrators to enforce least privilege. The productivity gains of computing in multi-tasking Windows environments largely depend on the ability of users to easily access data in one application and transfer it into other applications and on the ability to switch seamlessly among unrelated applications to follow natural thought patterns. Many of the most productive applications have a poor design that requires a user to have administrative privileges to get the application's full benefit. Meanwhile, powerful utilities and tools needed by administrators and developers properly require administrative privileges.

None of the workarounds is optimal. Logging in and out of administrative accounts disrupts productivity. The existence of multiple accounts for a single user presents its own security risks. Meanwhile, efficiency and laziness often causes users with access to an administrative account to make that account the default anyway. Using the RunAs utility introduced by Microsoft in Windows 2000 is impractical in many cases because running an application that way does not grant access to regular user settings.

DesktopStandard is extending Group Policy with its new product, PolicyMaker Application Security, to attach privileges to a specific application. For example, an administrator could be running an administrative utility with full privileges and, without switching users, check an online help file via Internet Explorer with minimum privileges.

"We say, 'Don't give the user extended rights, give the process extended rights,'" Sullivan says. "Give the process the privileges."

DesktopStandard has a new Website,

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Old Stone Wall Graphic

    Microsoft Addressing 36 Vulnerabilities in December Security Patch Release

    Microsoft on Tuesday delivered its December bundle of security patches, which affect Windows, Internet Explorer, Office, Skype for Business, SQL Server and Visual Studio.

  • Microsoft Nudging Out Classic SharePoint Blogs

    So-called "classic" blogs used by SharePoint Online subscribers are on their way toward "retirement," according to Dec. 4 Microsoft Message Center post.

  • Datacenters in Space: OrbitsEdge Partners with HPE

    A Florida-based startup is partnering with Hewlett Packard Enterprise in a deal that gives new meaning to the "edge" in edge computing.

  • Windows 10 Hyper-V vs. Windows Server Hyper-V: Which Platform for Which Workloads?

    The differences between these two Hyper-V versions are pretty significant, depending on what you plan to use them for. Here's a quick rundown of each platform, from their features to licensing quirks to intended use cases.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.