Endpoint privilege management

EPM overview

Enforce least privilege on endpoints, protect against ransomware and malware, and manage elevation requests without compromising user productivity.

Overview

Endpoint Privilege Management (EPM) is a cloud solution that allows you to remove local admin rights on your Windows and macOS workstations. With idemeum you will be able to manage elevation requests without users even knowing that admin rights were removed.

By removing local admin rights you can implement least privilege and protect your customers against malware.

Get started quickly?

Quick-start guides
Follow product guides that we created to test idemeum platform use cases.

Support matrix

| Operating system | Versions |
|---|---|
| Windows | 10, 11, IoT |
| macOS | 14 Sonoma |

Product components

Endpoint Privilege Management (EPM) is a cloud-based product that can be deployed by installing workstation agents and managing rules and elevation requests from the cloud dashboard.

  • Desktop agent - the desktop agent is installed on each user workstation. It captures all elevation events and sends them to the idemeum cloud, where they are matched against the defined allow or block rules. The desktop agent also provides a user interface that users can use to request privileged actions.
  • Admin portal - the admin portal is used to manage your EPM deployment. You can manage agent elevation modes, create elevation rules, approve or deny elevation requests, and view the audit trail for your deployment activity.
  • Mobile application - when a user requests a privileged action (such as installing new software or accessing protected settings), all technicians receive a mobile notification with the request details. Technicians can approve the privileged action from a mobile device for the specific user and application, or create a rule that will apply to all similar requests going forward.