Privileged access granting
It provides a privileged access granting/reporting workflow
iDoperation can manage the status of applications, approvals and privileged access granting. Users applying for privileged access clarify period of use, purpose of use, work content and privileged identity, then submit their applications through the iDoperation workflow.
Approvers verify the validity of applications and approve them. iDoperation can keep a record of what kind of operation is done when, by whom, and for what purpose.
Access granting workflow
Users apply for privileged access
iDoperation accepts an application for privileged access in the workflow according to preset rules.
Users applying for privileged access indicate the period of use, purpose of use, work content, and privileged identity when filling in the form .
Applications
Applicants clarify period of use, purpose of use, work content, and privileged identity. Previously used applications can be used again to save time and effort.
Collective applications
Accounts for granting can be specified together, one by one, or with a one-time privileged ID.
Emergency applications
When emergencies arise, it is possible to grant privileged access without advance approval.
One-time privileged IDs
For accounts for granting, you can specify a one-time privileged ID (a privileged ID that is valid only for the period in the application).
Access granting workflow
It allows multiple applications to be handled collectively
When a user applies, iDoperation notifies the approver of the request based on the workflow preset for each target. The approver verifies and approves the work requested if it is based on legitimate purposes.
In the iDoperation workflow, the approver can check the details of more than one application in a single window and approve multiple applications together to save time and effort.
It temporarily grants privileged access based on approval
Granting of privileged access
It keeps passwords secret and allows auto logging in to the server
Once privileged access has been approved, iDoperation automatically grants privileged access to the user for the approved period of time. When the period is over, privileged access is automatically revoked.
Privileged users automatically log in to the server using privileged IDs granted by the iDoperation Client.
iDoperation Client keeps passwords secret to prevent use by unauthorized users.
iDoperation Client includes applications for Windows and the web.
iDoperation Client (Windows/Mac application)
Authenticating privileged user
Authenticating users with iDoperation Client enables identification of who uses the identity, even if it is shared.
Listing available targets
A list of approved privileged users is displayed. Basic information on the target and application information are also displayed.
Granting privileged access
iDoperation Client grants privileged access while keeping the password secret so only privileged users with permission can gain access.
Granting privileged access (one-time passwords)
When local logging in to the target is needed, such as to work with the console, a one-time password can be used.
iDoperation Web Client (web-based applications)
Privileged access can be granted from iDoperation Web Console. If you log in to iDoperation Web Console, iDoperation Web Client (privileged use menus) displays a list of targets and privileged access allowed to be granted. When you connect to the target from iDoperation Web Client, iDoperation Client (Windows application) is activated to enable access with the password concealed.
