Imprivata Privileged Access Management Product Update 2.3.202101242305
January 24, 2021
PAM Update: Added dynamic permissions support for request approvers to review, join and terminate sessions, added mass request options to SSH Proxy Shell
This update adds dynamic permission support for request approvers to review, join and terminate sessions of this request as well as the option to mass request unlock access and report request status by using wildcard at the end of the record name in SSH Proxy Shell.
Added support for request approvers to review, join and terminate sessions of this request
The update added support for request approvers to review, join (for WEB Sessions) and terminate sessions of this request even in case the approver otherwise does not have permissions to View or Connect to a record or is required approved request to create new sessions.
The option creates virtual dynamic credentials for the approver to access certain aspects (review, join, terminate) of the sessions created based on the approved request.
It enables use cases such as shift supervisors assisting or overseeing access to sensitive assets performed by the shift administrators.
The option also enforces dual control or peer review requirements when accessing critical infrastructure.
Added the option to mass request unlock action in SSH Proxy Shell
The update added the option to bulk request unlock action to multiple records simultaneously using the request connect command in the System SSH Proxy Shell. The option automates access requests for administrators preparing to manage multiple assets.
To make mass requests use * (wildcard) at the end of the record name when executing request unlock search* time-requested reason command.
In response to this command, the shell will request unlock action for all records that include search as part of the record name.
Before requesting unlock action, the command will list affected records on the screen if there are few of them and will display the number of affected records to request unlock action in case there are too many of them (more than 20) before asking user configuration for bulk request.
Added the option to display request status for multiple records in SSH Proxy Shell
The update added the option to display request status for multiple records simultaneously using the request status command in the System SSH Proxy Shell.
The option automates access requests for administrators preparing to manage multiple assets.
To display request status for multiple records add * (wildcard) at the end of the record name when executing the request status search* command. In response, the command will display the request status of each record found by the specified search criteria.
Added the option to navigate to Record View screen in custom reports
The update added the option to navigate to the Record View screen in custom reports.
The option enables system administrators to create action-able custom reports that provide immediate drill-down access to the reported assets to make changes or to further investigate the case using record-based reporting.
To enable a column to display a link to a record page, select record ID in this column and name the column record_id.
Example of report displaying archived records with record name, record type and a link to a record in the last column:
select
m.name as name,
m.description as description,
m.recordType as recordType,
m.created as created,
m.author as author,
m.id as record_id
from
Record m
where m.archived is true
