cancel
Showing results for 
Search instead for 
Did you mean: 

Temporary Elevated Privileges is Here!!!

dwjohn
JumpCloud Employee
JumpCloud Employee

Today, we are excited to announce that Temporary Elevated Device Privileges is General Availability (GA). As we continue to focus on providing more security focused capabilities, elevated privileges on a device was an easy choice. The ability to have more control over who has admin access to a device and for how long is more important than ever to IT Admins. Being able to take a “Least Privilege Access” approach to device permissions is a key component of any Privileged Identity Management solution.

Key Capabilities

  • Manage User Privileges: Ability to set an individual user’s privilege on a device for a selected period of time.
  • Automate User Privilege Expiration: Elevated privilege on a device will automatically expire and return to the previous setting without the admin taking additional (manual) steps.
  • Data Insight Events: Data or events are generated when the privilege is elevated, used, automatically expired, and returned to its  previous state.

Key Benefits

  • Efficiency Through Automation: Admins can move on to other tasks without having to worry about resetting a user’s privilege on their device.
  • Improved Security Posture: User’s privileges are automatically removed when it’s no longer necessary.
  • Compliance Adherence: Relevant logs provided to be able to audit, troubleshoot, and meet compliance requirements.

IT Admins and Managers can find this feature in 2 ways. First is by navigating to an individual device and then clicking on the users tab. Once there, they have the ability to elevate the individual user’s permission on that device.

 

 

dwjohn_0-1711649509630.png

dwjohn_1-1711649570174.png

 

 

 

A similar experience exists by navigating to an individual user and then clicking on the devices tab. The permission change modal operates the same as in the previous flow.

dwjohn_2-1711649614152.png

 

Wrap Up

The introduction of this feature is a first step towards more Identity Governance and Administration (IGA) type use cases. You will see us mature the Temporary Elevated Privileges experience along with the ability for users to make requests and approvals to occur all within the JumpCloud platform. Stay tuned as we continue to make progress down this path.

Additional Resources

Set Admin/Sudo Permissions Support Article

JumpCloud University Link

 

2 REPLIES 2

Kathlyn
Novitiate II

Are there any limitations or restrictions associated with Temporary Elevated Privileges that users should be aware of?

Hi @Kathlyn there are highlighted Notes and Warnings in the documentation normally 🙂