What is BeyondTrust EPM?
BeyondTrust Endpoint Privilege Management temporarily elevates privileges to perform administrative actions on your workstation. It provides users with only the endpoint privilege access necessary to complete their tasks, such as installing/uninstalling programs, running elevated command prompts, etc. BeyondTrust is configured to be flexible so users can complete tasks necessary for their jobs, but please note all actions will be logged and monitored by OIT Security.
What will BeyondTrust look like on my device?
BeyondTrust runs in the background for the most part. You will only see a prompt on your device when running the following:
Windows
- When running trusted and signed UAC prompts – Please click Yes to proceed
- When running signed UAC prompts – please select a reason from the list and click OK to proceed
- When running certain applications not deemed necessary for job purposes (ex. Steam, Gaming, etc): – please provide a valid reason for proceeding with download, install, etc and enter your password. Click OK to proceed
- When running any other UAC prompts/restricted functions (Advanced System Settings, BitLocker Device Encryption Tool, Registry Editor, Security Properties, Windows Defender Security Center, etc.) – this will be blocked. Please reach out to Security via ITSD for approval or desktop support
macOS
- Authorizing System Preferences or running any application requiring authorization (All System Preferences, Any OS X Package, Any OS X Bundle)– please enter your username and password and click Yes to proceed
- Authorizing controlled OS functions (Accounts, Security, Users & Groups, ePO, etc) – this will be blocked. Please reach out to Security via ITSD for approval or desktop support
If you have any issues or concerns, please contact OIT Security at itsd@ua.edu