Access Director Enterprise: Privileged Access Management
What is Access Director?
Access Director is an easy-to-use access management tool for Windows platforms, which enables system administrators to manage and monitor user privileges.
Why do you need it?
Managing user privileges – access levels and permissions within the infrastructure – is a critical component of keeping your company’s data secure.
Good user management ensures that only the approved and appropriate individuals have the relevant amount of rights, and that user privileges are updated or removed on-demand.
How does it work?
Access Director monitors installations and data access on the local system, and notifies administrators of unusual or malicious activity. With the notifications, administrators can check and verify activity, and mitigate any risk the activity poses to the organization.
When plugged into CTGlobal Insight Analytics, issues detected through Access Director are displayed in the Insight Analytics dashboard, and can highlight structural flaws in the configuration of user privileges.
Access Director System requirements:
Access Director does not support:
Active Directory Integration
– Checks user privileges and only allows elevation if the user is a member of a specific group.
– Checks if user is set as the ‘owner’ of the device. Can be combined with User Group or used as stand-alone.
– Supports caching of ldap data, for offline usage.
– Sends all information to intranet or internet-based reporting point.
– Little to no administration using Active Directory or as stand-alone
Customizable Elevation Timer
– Change the elevation timer to suit your schedule.
Group Policy ADMx Templates
– All configurations can be set using Group Policy ADMx template
Monitor Elevated Files
– Monitor what files are elevated on client computers
Monitor Installed Software
– Monitor the installed software on client computers
– Specifically monitor for software installed during elevation timer and outside of elevated timer window
Monitor Uninstalled Software
– Monitor software uninstalled when the user is elevated or outside of elevated timer window
Pin-Code OTE (One-Time-Elevation)
– Require user to enter pin-code generated by third-party application or service desk
Status reporting and logging
– Monitor What, Why, When and Where in one simplified web console
Indicators of compromise
– IoC in computer forensics is an artifact observed in the operating system that with high confidence indicates a computer intrusion. Typical IoCs are virus, registry entries or MD5 hashes of malware files