Most systems have a small number of day-to-day administrators, who work during normal business hours to manage configuration, patches, security, storage, etc. If a problem arises during the normal workday, these administrators are called and they fix the problem promptly.
Other users who may require access include vendors, developers or IT operations, who might need access in the event of an emergency. These users are infrequent and their access should be linked to a specific request, a single time window, an approval and possibly a recording of their activity.
- Hitachi ID Privileged Access Manager includes a workflow engine, designed to allow people who do not have pre-authorized access to request one-time access. Requests normally include a time window and ticket number.
- A policy framework selects authorizers for each request.
- A robust workflow engine invites and reminds authorizers to act, which they do using a browser or smartphone app.
One-time access is based on a robust, traceable request/approval process where every participant is strongly authenticated and where login sessions may be recorded.