Overview
Gain centralized visibility and control over all privileged accounts across your applications. This feature allows IT teams to proactively identify and manage security risks such as excessive privileges, shadow admin accounts, and gaps in Multi-Factor Authentication (MFA) enforcement. With a dedicated dashboard and powerful insights, you can strengthen your security posture and ensure that elevated access is always monitored and justified.
How You Can Use It
- Comprehensive Risk Assessment: Utilize a consolidated dashboard to view all privileged accounts across your entire app ecosystem, enabling you to quickly identify and prioritize potential security risks.
- Enforce Stronger Security Policies: Instantly identify all privileged accounts that do not have MFA enabled, allowing you to take immediate action to enforce stronger security policies and protect critical access points.
- Manage Shadow & External Access: Discover and manage shadow privileged accounts and external privileged users (including non-human identities) to ensure all elevated access is sanctioned and monitored.
Key Features
- Dedicated Privileged Access Dashboard: A new, dedicated tab within the 'Access' section providing a single pane of glass for all privileged access data.
- Insight Cards: At-a-glance summary metrics highlighting key risk areas, such as users with excessive privileges, accounts without MFA, and shadow or external privileged users. These cards also function as quick filters for the data table.
- Detailed Account Table: An interactive table listing all privileged accounts, with powerful filtering and drill-down capabilities to navigate directly to specific app or User Profile detail pages.
- Enhanced User Profile Visibility: User Profiles are now enhanced to clearly indicate if a user holds any privileged access roles, making it easier to spot elevated permissions during routine checks.
Steps to use Privileged Access
Enable the feature
Step 1. Navigate to the Access > Privileged Access menu.
Step 2. The list displays the number of users with administrator privileges per application. If the number is more than 1, it is clickable.
Step 3. Clicking any of the four boxes in the upper-right corner of the screen allows you to filter the list view.
FAQ
Q1: What exactly is a "shadow privileged account"?
A1: A shadow privileged account refers to a user who has elevated or admin-level access to a corporate application but is not registered in your primary Identity Provider. Our platform helps you discover these accounts so you can bring them under official management or revoke their access.
Q2: Can I remove a user's privileged access directly from this new dashboard?
A2: In this initial release, the Privileged Access dashboard is focused on providing comprehensive visibility. Direct remediation actions are planned for a future update. For now, you can click through to the application's management page to make changes.
Q3: How does this feature identify users without MFA?
A3: The platform integrates with your SaaS applications to check the security status of each user account. It specifically looks for accounts that have been assigned privileged roles but do not have Multi-Factor Authentication (MFA) enabled, flagging them for your attention.