The value proposition

You are probably reading this because you know you have a problem. Either your company allows users to maintain local administrator rights or you have to do countless remote installs. We can solve this for you with little effort and, at the same time, free up your IT resources.

We have customers with tens of thousands of users, who have tried to implement whitelisting solutions, but failed and came to us, because this way you can only see the world in retrospect. Your users will hate you for blocking their workday. Even with unlimited resources, no one can predict what your users need today. Instead of speculating on this by creating whitelists ahead of time, Admin By Request works proactively the other way around. If your users start to install software, the Admin By Request client intercepts this and installs the software with a full audit trail - without the users being administrators. It's like the self-checkout at the supermarket.

It is also safer than traditional whitelisting solutions - just because an administrator whitelists a file doesn't mean it is safe. We real-time scan files with more than 35 anti-virus engines before allowing those files to run with administrative privileges.

Nothing needs to be installed or changed on-premise. Users do not need to be re-educated and no one in IT needs to spend endless hours on whitelists or remote installs. All you have to do is to deploy the Admin By Request client software. This ease of use is why we are the fastest growing PAM solution in the world. Let us show you - request a demo today.

Request a free demo

Free for 25 endpoints
Click here to download

TRUSTED BY GLOBAL LEADERS

Gartner names Privileged Access Management (PAM) the top project to reduce cybersecurity risks

Privileged accounts (or administrative or highly empowered accounts) are attractive targets for attackers. A PAM project will highlight necessary controls to apply to protect these accounts, which should be prioritized via a risk-based approach. PAM projects should cover human and nonhuman system accounts and support a combination of on-premises, cloud and hybrid environments, as well as APIs for automation.

Sandboxed software installs

In most cases, users need admin rights to install or update software, such as Adobe Reader, Visual Studio or VPN software. The tricky part about revoking local admin rights is doing it in a way that doesn't hinder your user’s productivity, but does lock down local admin rights. That's what Admin By Request can do for you.

When a user starts an install, the process is intercepted and the user has to enter a reason, email and phone number to continue. You can adjust settings to automatically approve installs for some users and require IT approval for others.

The true value of this approach is not a technical one; users do the same as they have always done, but they don't have admin rights to make any changes on the machine. Because users do the same as they have always done, no users are unhappy, and no re-education is needed – Admin By Request seamlessly fits into their everyday work life. Think about the value of being able to smoothly revoke admin rights without having to re-educate all your users.

Knock, knock. Who’s malware?

The elephant in the room, that’s who. But don't worry; we’ve got your back. When users request to run a file with admin privileges, we real-time scan the file with more than 35 anti-virus engines. This gives you assurance that the file is safe.

Malware is often hidden in "too good to be true" freebies, such as free PDF generators, ISO tools, or cleaner tools that your users can be tempted to run. We use OPSWAT's MetaDefender technology to make sure your users are blocked from running any malware with administrative privileges before the damage is done.

Administrator session

Some expert users, such as developers, may have an advanced need. You can allow these users to request a protected administrator session that grants them temporary administrator rights under full audit. Admin By Request protects the computer from being tampered with during the administrator session, such as trying to outsmart the system by adding new local users or removing Admin By Request.

The user will see a timer in the lower right corner on their Windows or Mac computer. Once the timer stops, data about the session will be uploaded to the Admin By Request portal. You can then see software that has been installed or uninstalled, and which applications were run UAC elevated during the session.

Watch Video

Easy Configuration

Configuration is super easy. All you have to do is log into your portal account and apply the settings you want. You can customise settings for users or computers based on their Active Directory groups or Organizational Unit. If you are using Azure AD only, you can filter by Azure groups.

Request Admin right window

The mobile app

The mobile app makes approving requests easy for your team. A request for privileges will be pushed, real-time, to your administrators’ phones. The mobile app gives you access to your full audit log and inventory from your pocket without you having to go to the web portal for data.

More info

Keeping on top of things

The audit log and reporting tools allow you to extract anything in real-time, such as a graphical representation of the requests and elevations happening - as they happen. Admin By Request’s management tools put you in the front seat of the whole operation.

Like what you see?

Feel free to reach out to us for a discussion on how we can help you.

Book a demo Free download Quote