Click HERE to see how Saviynt Intelligence is transforming the industry. |
01/16/2024 10:21 PM
Hi ,
Would like to explore the possibility of having additional control on Access request workflow in Saviynt.
All ARS approval/rejection are done in Saviynt, we have some critical application access approval which we want to prevent from being approved by anyone with Saviynt Admin access or in the event Saviynt is comprised. Is it possible to have MFA like approval imbedded in the workflow where the approver has to input token/code received via sms/email in order to complete the approval process. This would reduce the risk of unauthorize access approval in Saviynt.
01/18/2024 02:19 AM
Hi @pmarvig,
We are checking on your request and we will keep you posted.
01/18/2024 03:43 AM
OTP should be the right term instead of MFA. ARS approval with OTP
01/22/2024 08:32 PM
Hi @pmarvig,
You are suggesting an additional security measure. You want the approver to receive a one-time password (OTP) via SMS or email, which you would need to input to complete the approval process correct?
01/22/2024 08:47 PM
Yes, was exploring on how to secure approval process, particularly for Privilege accesses.
We are looking into ways to prevent rogue users with Admin SAVROLE to request and approve Privilege Accounts.
SavRole Admin can approve on-behalf, modify workflows, disable any monitoring to external systems (SIEM) hence compromise of SAVROLE ADMIN may not be detectable until later.