Software developers normally have privileged access to development
and test systems, but not production. This is a reasonable
control, but it creates delays when production systems have problems
and require troubleshooting.
- Privileged Access Manager includes a workflow engine, designed to allow
people who do not have regular administrative access to systems
to request such access.
- Programmers or system owners can request access for a particular
developer to get a privileged password, at an indicated time and
for a specified interval.
- Requests are entered on a web form, e-mails are sent to system
owners or authorizers to approve access and recipients receive
an e-mail with a link to an access disclosure page.
- The workflow includes reminders, escalation and delegation to
Using Privileged Access Manager, one-time disclosure of passwords is convenient