Skip to end of banner Go to start of banner

Self-Elevation

Skip to end of metadata

Created by Anonymous, last modified on Sept 18, 2013

Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

User Self-Elevation occurs when mobile, remote, or power users need to run software that is usually run by Administrators only. Risks can occur when users are allowed to self-elevate and the option to allow self-elevation should be weighed carefully. The default policy will give the end-user elevated rights on the application, although the policy can be modified to gather feedback.

To Enable Self-Elevation

From the Arellia Security Manager Console, go to the Policies tab.
Navigate to Application Control / Policies / Privilege Management.
Select the User Requested Run As Administrator Policy and select Enable.
Enable Self-Elevation in the Application Control Agent Configuration.

Testing:

From a computer with the ACS Agent installed, Update the Client
Right-click an application and select Request run as administrator

The user will then be required to enter a justification for needing to run the application elevated

Justification events can then be acknowledged and assigned to policies in Event Summary

No labels