Privilege Elevation and Delegation¶
Privilege Elevation and Delegation helps in eliminating administrator rights on servers and endpoints. Instead of granting shared administrative access to servers, you can establish policy-based controls to allow standard users to access required servers.
Securden takes care of elevating the applications for standard users. Similarly, you can eliminate local administrator rights on endpoints and elevate applications for standard users. In Linux devices, you can allow users to run specific commands with SUDO privileges in Linux.
PEDM - Summary of Steps¶
- Deploy the Securden agent on the servers, endpoints
- Discover/add applications, processes, and commands
- Create application control policies
- Remove admin rights across endpoints
Step 1: Deploy Securden Agent on Computers¶
To elevate and delegate privileges, you need to deploy Securden agents on servers and endpoints. The agent takes care of elevating the pre-approved applications and processes for standard users. The agent also allows users to request temporary access to applications/ temporary full admin access.
Securden agent can be deployed in two ways:
You can deploy Securden agents on endpoints and servers either manually or in bulk using Group Policy Objects.
Agent for Windows Machines
Navigate to Admin >> Privilege Elevation and Delegation >> Securden Agents >> Install Windows Agent
You can download the agents for 32-bit, 64-bit MSI and install them manually in the remote machine.