AUTO ELEVATE - USER EXPERIENCE GUIDE

PURPOSE

A Just-In-Time, Privilege Access Management software called Auto Elevate is being installed on users’ devices soon. This allows known software installations to occur, vet new installations against a virus database to ensure no known viruses are installed and prevents users from unknowingly letting a hacker into the Mister network.

VIDEO

PROCESS

How it works:

These tools are rules-based. Only actions that do not pass the rule are flagged and sent to an IT administrator for review. This reduces our security risk without getting in the way of users’ day-to-day business operations.
There does need to be a response by an administrator in IT to approve a request that does not have a pre-set rule. Continue reading for some situations that users may encounter.

When a program or function already has a rule in place

User opens program or performs function.
The User Account Control (UAC) prompt is intercepted by Auto Elevate to check for and find an existing rule that allows the process to continue. See below for an example prompt.
- Auto Elevate enters administrative credentials into the UAC prompt, requiring no user intervention.
Once the above occurs, the program then opens, or the task continues.

When a program or function does not have a rule in place

User opens program or performs function.
The UAC prompt is intercepted by Auto Elevate and checks for an existing rule that matches the request but does not find one.
The user is presented with a confirmation dialog box, see below for an example. This allows the user to verify what is being attempted on their device (program or function).
Selecting No: cancels the action
Selecting Yes: sends a request to the Auto Elevate administrators.
When a user selects yes, they are presented with a dialog box, see below for an example. The dialog box lets the user know that their request has been submitted and the program administrator is reviewing their request.
If the timer reaches 0:00, the user is presented with the message below, reassuring them that their request has been submitted.

When a users’ request is denied:

If the request has been denied, the user is presented with the dialog box below informing them and providing next steps.

When a users’ request is approved:

If the request is allowed, the user is presented with the dialog box, see example below. The user must then select “OK” to launch the program or perform the function.

When a program or function has a deny in place:

If a user attempts to open a program or perform a function that has been denied in the past, they are presented with an immediate denial. See the dialog box below for an example message.