facebook logolinkedin logoyoutube logo

Introducing Cloud Defense Free Enterprise Scale CSPM. No Cost. No Strings. No Kidding

Learn More
FIREMON

Authorization Control

Defend your IAM perimeter with integrated just-in-time approvals and increased security measures

Precision Control for Admins, Developers, and Incident Response

Cloud services combine all the administrative controls for a datacenter, put them on the Internet, and protect them with little more than a simple username and password. The accounts with the highest privileges present the highest risk if they are compromised or misused. Even tasks that need simple read only permissions risk accidental data disclosure or a full breach. Traditional monitoring tools can detect some forms of abuse, errors, and threats, however it’s not consistent and often it’s long after the damage has been done.

FireMon Authorization Control

FireMon Authorization Control eliminates permanent IAM privileges assigned to users using just-in-time access and precision identity policy restrictions. Users get the access they need, only when they need it, securing the biggest attack vector for cloud-based resources.

Working with your existing identity solution providers, FireMon Authorization Control gives you real-time workflows to request and grant access using ChatOps, support privileged access workflows, and insert policy restrictions such as time of access, source IP addresses, and tag-derived attribute-based access controls.

In less than 30 seconds, users get the access they need, only when they need it:

  • Request access via Slack and MS Teams
  • Approve (or deny) requests for access with one-click simplicity
  • Access resources only with the permissions needed for limited duration of time
  • Expire and terminate access keys automatically when the session ends
  • Audit all activity associated with each access request

FireMon Authorization Control

Authorization Control Features

Just-in-Time Access

Provide access to your administrators and developers only
when they need it. Security teams can dynamically grant
privileged access for a specific duration using real-time
workflows and pre-configured templates that ensure nothing
is missed.

  • Time-based privilege increases using pre-defined
    templates or custom controls
  • Integrate with existing privileged access workflows
  • Support for AWS and nearly every identity provider
    including Okta, Ping, and Azure AD
  • SIEM/SOAR integration for logging and response access

Real-Time Request Routing

FireMon Authorization Control uses the tools your team is already using to speed adoption and the entire approval process. Users simply initiate a request via chat and the approvers are immediately notified of the request. Once approved, a real-time maintenance window can be created in seconds allowing the user in with the approved access privileges.

  • Chat integration with existing tools including Slack and
    MS Teams
  • Requests capture key information for approval including the account, permissions needed, and justification
  • Single-click approvals embedded in chat
  • Direct messaging or group integration visibility and accountability
  • Auto-approval options with chat-based team visibility and logging

Enhanced Policy Restrictions

FireMon Authorization Control offers additional authorization options that enhance the tools you have in place today. Security teams can create custom templates that add additional requirements including multi-approvals,  IP restriction, or resource attributes such as tags.

  • Custom policy templates
  • Configure additional restrictions for sensitive systems
  • Multi-approvals (m-of-n) for an extra layer of security

Use Cases

  • Elevate privileges in response to specific issues
  • Daily access approvals to protect against use of stolen credentials
  • Refine SSO access to privileged accounts

Get 9x
BETTER

Book your demo now

Sign Up Now