European Cloud Summit

Productivity vs. Security – Finding the Balance

by Sophie Alice Dodson

ecs blog | sponsors

Wednesday, Aug 31 2022

Admin By Request Product Overview

An article by European Cloud Summit diamond sponsor – Admin by Request.

Productivity vs. Security

Finding the Balance

The Million Dollar Question:

How do you please your CISO, hell-bent on having air-tight security controls on all endpoints, while also keeping your end users and Helpdesk happy? Doing both concurrently has proven challenging in the past. What usually happens is you have to favour one over the other: productivity OR security.

Thankfully, times are a’changing, and we’re proud to bring you a solution designed with the productivity vs. security problem at the forefront.

The Approach to Security

Admin By Request’s Privileged Access Management (PAM) solution ticks all the relevant boxes for effective security:

The cybersecurity solution applies the Principle of Least Privilege (POLP): the idea that users should only be granted the privileges they need to function in their role. More privileges means greater access to the system and network, which in turn presents security holes. Remove unnecessary admin rights and those security holes are plugged. Applied with POLP at the core of Admin By Request is JIT – Just-In-Time access. For users who do need elevated access in their role, this should only be provided on an as-needed, just-in-time basis, rather than around the clock. Decrease the amount of time your users have elevated access, and you decrease your attack surface. Admin By Request applies these key principles by revoking all users’ statuses to that of standard user.

Malware protection comes as a prominent part of the Admin By Request package. OPSWAT’s MetaDefender Cloud API is integrated into the solution, scanning all file downloads with more than 35 antimalware engines. Malicious files are flagged and quarantined to be dealt with before they can infect your system.

The User Portal is essentially the control and visibility center for all users and endpoints in your organization. It features a full hardware and software inventory, detailed, tailorable reports, a comprehensive Auditlog of all elevated activity, and settings and sub-settings for every feature and aspect of the software, which can be used to dictate how it works for your users.

Significant events and suspicious activity trigger alerts which appear in your User Portal and your email inbox as configured.

Plugging in Productivity

Despite extensive security measures, productivity is maintained for all users whose main concern is to be able to do their jobs, uninterrupted by over-the-top security controls.

Productivity for the End User

  • Self-Service Access: Although user access is revoked across the board, users can still gain access when they need it. Access is self-initiated, and self-serviceable – users simply request the access they need, and their request is approved or denied with the click of a button by your IT admins.
  • Intuitive User Interface: The software is so simple it doesn’t require relearning. Most users are already familiar with Microsoft’s User Account Control (UAC); Admin By Request essentially replaces UAC, but makes it possible for standard users to gain the much-sought-after admin access when required.
  • Range of Elevation Methods: It’s not a case of ‘only X users can gain access’ – there’s a method of elevation to suit everyone in your organization, be that developers who require extended periods of elevated access, or third-party contractors who require provisioning of a temporary local admin account.
  • Multiple Operating Systems: Let your users stick to their preferred OS – Admin By Request is available on the three main operating systems: Windows, macOS, and Linux.

Productivity for the IT Admin

  • Efficient Deployment: The installer package is a meagre 15-something megabytes and takes all of 20 seconds to install on endpoints. From there, it’s a matter of tailoring settings to suit your organization’s needs with simple toggles and controls.
  • Freed Resources: The self-service nature of the application takes menial tasks (such as installation of everyday, trusted applications) out of the hands of Helpdesk, whose time is better spent focusing on significant issues. The application-whitelisting feature further helps with freeing up valuable resources from unimportant tasks.
  • Bulk Actions: Contributing to the efficient deployment of Admin By Request is the ability to apply settings, create rules, and run actions in bulk. E.g., require all users in the HR department to provide a reason for requesting admin access, but allow the development team to bypass this requirement; remove groups of unknown / unwanted local admins in one click; lock down all devices to the owner of that device.

Finding the Balance

The balance between productivity and security is unique to each organization – but at no point should either one compromise the other. Admin By Request’s local admin rights solution is designed to provide all the tools needed to find that perfect balance, completely tailorable to your company’s individual needs.

 

Visit Us at the European Cloud Summit

We’ll be at the ECS in Mainz, Germany, September 26th – 28th. Visit us to learn more about how we can help you balance productivity and security in your organization. In the meantime, try the solution yourself with our Free, lifetime plan.