BeyondTrust Privileged Remote Access controls access to critical systems and remote desktops without hindering the work privileged users need to perform.
You can closely define how users connect, monitor sessions in real time, and record every session for a detailed audit trail. Meanwhile, end users get a simple, easy to use console.
Here are the remote access features at the core of the solution.
Enforce a policy of least privilege by giving users just the right level of access needed for their roles. For shared accounts, easily establish individual user accountability.
Define what endpoints users can access, schedule when they can access them, and whitelist/blacklist applications for a comprehensive approach to privileged access. Control and monitor sessions via a secure agent or using standard protocols for RDP, VNC, Web, and SSH connections.
Set authorization and notification preferences to be alerted when a user is accessing Privileged Remote Access. Administrators can use their mobile devices to approve requests and monitor access usage from anywhere.
BeyondTrust Privileged Remote Access allows Developers and DevOps teams to access the systems they need to access to do their jobs. This functionality is enabled through a streamlined interface that promotes a protocol first and bring your own tool (BYOT) workflow.
Not only can these users access existing systems, but APIs are available that allow instant access to ephemeral systems in multi-cloud environments.
Privileged Remote Access increases user security without impacting daily workflows, and can deploy in just a few days. Automate processes with features like credential injection and SIEM integrations.
Transfer files within the session, using the thick client or browser based console.
Administrators and IT teams can consolidate the tracking, approval, and auditing of privileged accounts in one place.
Require all connections to be brokered through a single access pathway. This substantially reduces the attack surface and provides a single list of authorized endpoints available for each user.
Improve the end user experience with the use of a single interface. Improve the service desk experience by reducing remote support ticket clutter with a new access request workflow.
Effectively manage privileged access to business assets that leverage web-based management consoles. This includes IaaS servers, hypervisor environments, and web-based configuration interfaces for core network infrastructure.
Advanced Web Access can be configured to work across any solution that leverages a web interface for management. This includes:
Use mobile apps or a web-based console for privileged access anytime, anywhere. In addition to desktop consoles for Windows, Mac, and Linux, BeyondTrust Privileged Remote Access includes mobile apps and a browser console.
Native mobile apps give users secure access over cellular or Wi-Fi networks from Android or iOS devices, only to allowed endpoints.
The BeyondTrust Privileged Remote Access web console enables privileged access from the browser without installing software locally.
Satisfy internal and external compliance requirements with comprehensive audit trails, session forensics and other reporting features. Capture detailed session data for real time or post session review.
Administrators can review and monitor the use of privileged accounts, and easily provide attestation reports to prove compliance.
Privileged Remote Access eliminates the need for privileged users to remember or share credentials for the systems they need to access. Store passwords in the on-appliance vault. Or, integrate with BeyondTrust Password Safe or another Password Management Solution.
This password component enables our credential injection capabilities. Instead of requiring privileged users to know usernames and passwords for each endpoint, we can store those credentials securely. And then, using API functionality, we can retrieve those credentials and inject them directly into a session.
This means you don’t need to expose company credentials, giving you more control and flexibility around those accounts.
One of the most important parts of managing third-party risk is having good onboarding processes. With Vendor Onboarding, eliminate the manual overhead of managing vendor teams and users. Instead, delegate portions of the vendor user administration to trusted sub-admins and vendor admins.
This eliminates shared accounts while providing an easier path to adding new vendor users as they onboard.
Administrators can delegate the management of vendor and internal users to trusted vendor administrators or other internal users. Then, easily manage vendor users through Group Policy.