Quick-start - Endpoint privilege management
Enforce least privilege on endpoints, protect against ransomware and malware, and manage elevation requests without compromising user productivity.
Prepare your MSP tenant
First and foremost sign up for idemeum cloud tenant and make sure you orient yourself with basic set up, such as adding technicians, creating customer tenants for your MSP, setting up branding and more. We have created a basic MSP tenant set up guide.
Configure your customer tenant
Enable local directory for customer tenant
- Navigate to
Users
→User source
- Choose
Local
from the dropdown andSave
the configuration
Install idemeum desktop application
Choose a workstation where you would like to manage user elevations. We will need to install idemeum desktop agent there. Follow the steps below to install idemeum desktop agent with command line.
Turn on elevation mode to rules
Follow the steps below to turn on the elevation mode to rules
for the desktop where you installed idemeum agent.
Once the mode is turned on to rules
for the workstation, idemeum will start intercepting the elevation requests and offering the user the option to request an approval from IT team.
Test elevation requests
- Login into a workstation as a
standard user
- Launch an application the requires admin privileges
- You will be presented with a dialog for IT approval
- Once requested, you will receive a notification to a mobile device
- You can
allow
ordeny
this request with mobile or web portal
More information about the requests.
Create elevation rules
You can create elevation rules of you want to automatically deny or approve certain actions on user endpoints. More about the rules below.
If you have any questions, drop us a note in our Discord chat.