Overview

Securden Endpoint Privilege Manager (EPM) is a comprehensive solution designed to enhance endpoint security by enforcing the principle of least privilege. It allows organizations to remove local administrator rights from endpoints without disrupting user productivity. The solution offers granular application control, enabling standard users to run approved applications that typically require administrator rights. EPM also provides temporary administrator access on a just-in-time basis, ensuring that elevated privileges are granted only when necessary and for a limited time. With continuous monitoring and audit capabilities, Securden EPM helps organizations maintain compliance and mitigate risks associated with privileged access.

Features and Capabilities

• Inventory of Devices: Discover and create an inventory of endpoints and servers in your organization to determine which devices require least privilege enforcement.
• Local Admin Analysis: Identify and track the list of users and groups that are part of the local admin group on computers in the domain.
• Applications Discovery: Automatically discover applications that require administrator privileges across the enterprise and consolidate them centrally.
• Granular Application Control: Define and control which applications can be run by standard users through whitelisting and blacklisting.
• Policy-based Management: Centrally manage least privileges through control policies, allowing processes to be elevated on specific endpoints, by specific users or groups.
• Offline Scenarios: Ensure least privilege and application controls even when the endpoint is offline or away from the network, such as when users are working from home.
• Remove Admin Privilege: Remove local administrator rights from users on Windows endpoints, enforcing least privilege without impacting operational efficiency.
• Elevate Applications On-Demand: Empower standard users to seamlessly run approved applications that would normally require admin rights whenever needed.
• Temporary Administrator Access: Grant time-limited, fully controlled, and comprehensively audited temporary administrator access to standard users on a need basis, with automatic revocation.
• Workflow Controls: Implement well-defined workflows with automation options to handle the lifecycle of all requests for approvals from end-users.
• Application Elevation Trends: Track the trend of applications that are elevated by standard users over time and detect unusual or suspicious activities.
• Continuous Monitoring: Continuously monitor who has administrator privileges, detecting if new local administrator accounts are added.