Various types and categories of users, such as IT staff, developers, third-party vendors, and contractors require administrative access to IT resources for performing their work. Granting them an ‘always-on’ administrative access introduces several security issues, including insider threats. The best practice approach is to give just-in-time access, which follows well-defined request-release controls and automatic password resets. Securden helps in automating the entire process.
Just-in-time access with four-eyes principle
You can force users to raise a request whenever they need access to an IT asset or an application. Administrators will review the request, and grant time-limited access. Users will get access strictly when required and only for a limited duration.
Flexibility to grant permanent and temporary access
Securden allows the flexibility to grant permanent access or just-in-time access depending on specific requirements.
- For certain categories of users or specific IT assets/applications, permanent privileged access can be granted. This is helpful for employees who continuously work with admin interfaces.
- You can selectively enforce request-release approval workflow for other categories of users, which ensures temporary, just-in-time access.
With temporary privileged access through workflow, Securden ensures time-limited access after admin approval and it can optionally randomize the password automatically after the user completes access.
Choice of on-demand and advance access requests
The users can raise access requests whenever needed (on-demand). For planned activities, they can submit requests in advance and keep the approval ready. The requests have to include a reason justifying their access request, which the administrators can verify to grant the access.
Provision for automated approvals
You can configure automated approvals for the requests coming in from specific categories of users such as senior developers or senior administrators. They need not have to wait for approvals. This feature comes in handy to handle other scenarios like an approver going on vacation.
Fully controlled access
While granting approvals for access, administrators retain complete control. For example, after approval, if the administrator feels that the access is not needed, he can terminate it anytime - before or during the access.
Trace activities with audit trails, session recordings
Securden Password Vault captures every single activity performed by the users as audit trails. You can search for specific actions from text-based trails. Besides, Securden can record the entire RDP, SSH, and other sessions launched from the product as session recordings, which can be played back anytime. You can also choose to monitor sessions in parallel, real-time.