Removing administrative rights...finally...maybe?

Coming soon - Get a detailed view of why an account is flagged as spam!

view details

This post has been de-listed

It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.

6

Removing administrative rights...finally...maybe?

Post Body

Hi all,

I work at an organization with just under 10,000 employees. Users have always had admin rights, and we're long past due to rectify that. I have noticed that some tools out there to manage elevated rights like BeyondTrust, Thycotic, CyberArk have audit-only modes so you can see when your users are actually using administrative rights. I was wondering if anyone has ever used a tool like this that didn't require an official POC with a vendor, seeing as I'm not sure I will even get budget to actually do anything. My current project/task is to determine LOE to get this work done, but without some ability to actually see when/why people are using admin rights, it's going to be difficult to determine.

Thanks all in advance

Joey

Author

Account Strength

80%

Account Age

5 years

Verified Email

Yes

Verified Flair

No

Total Karma

352

Link Karma

112

Comment Karma

240

Profile updated: 1 day ago

Posts updated: 16 hours ago

sposedto

Subreddit

r/ITManagers

Post Details

We try to extract some basic information from the post title. This is not always successful or accurate, please use your best judgement and compare these values to the post title and body for confirmation.

Posted: 3 years ago
Reddit URL: View post on reddit.com
External URL: reddit.com/r/ITManagers/...