JUST IN TIME PRIVILEGED ACCESS
Provide the Right Access at the Right Time for the Right Reasons.
WHAT IS JUST IN TIME PRIVILEGED ACCESS?
Privileged accounts are often granted “always on” access, when in reality they are only required for brief periods of time. Securing access “just-in-time” (JIT) or only providing the appropriate levels of access to the right resources for the right amount of time is one capability within a comprehensive Privileged Access Management solution and can remove unneeded privileged rights. The CyberArk Privileged Access Security Solution supports the industry’s broadest menu of options for just-in-time privileged access, regardless of user type, target system or type of environment.
JUST IN TIME ACCESS WORKFLOW
Right User. Right Access. Right Resource. Right Time. Right Reason.
By providing users just-enough access at just the right times, organizations can reduce the attack surface by providing privileged access for no longer than necessary and also reduce operational overhead and management
As part of an overall PAM program JIT removes unnecessary standing access; Only provide access to users when and to what is required; Full monitoring and recording of sessions
Reduce the need to manage additional accounts and credentials by placing shared accounts on systems and elevating on demand; Integrate with existing identity and IT management solutions.
FOR END USERS
Gain quick access to the tools needed to perform daily tasks without the need to directly interact with credentials; maintain a variety of workflows and functionality without sacrificing security.
There are a variety of ways in which organizations can implement just-in-time privileged access. CyberArk supports the industry’s widest range of methods to apply just-in-time access use cases into any organization’s privileged access management posture. The most prominent methods include:
BROKER & REMOVE ACCESS
Where shared privileged accounts are provisioned and protected, but access to them is only granted if a user expressly requests access and has this approved by an appropriate authority. Can be done with Dual Control policies within CyberArk Core Privileged Access Security. For third party vendors who require access to critical internal resources for predefined periods of time, CyberArk Alero can be leveraged.