IBM Verify

 View Only

IBM Security Verify Privilege Vault-Part 2-How to design an Approval Workflow

By Sushmita Das posted Tue August 16, 2022 12:59 AM

  
In our last blog, we went through the steps to discover machines/accounts and protect them via secrets. In this edition, we bring to you how we can incorporate approval process before any user tries to access the servers using Admin credentials. This will make the end users as well as the approvers accountable for their actions.

NOTE: If you are interested to know about the user story where this implementation can be applied, please read our PAM Simplified - Blog Series - Part 2.


Any user who needs to access a secret or login to a server via PAM, needs to go via a mandatory approval process. The process can be single level or multi-level.

  • Navigate to Admin->Workflows 
Design it based on the enterprise requirements. If you want to skip a certain step after a certain timeframe, enable the setting and provide a value. Incase the approver(individual user or a group) in the particular step doesn't take any action in the stipulated time, the request proceeds to the next step for completion.



  • In addition to the approval workflow, build a secret policy, specifying the enforcement of approval process.

  • Once the above steps are completed, attach the workflow to the secret with which you desire to incorporate the approval process.


One can configure automated email notifications; whenever a request is created, approved/rejected at a given stage, request completed, etc., an intimation would be sent to the admin.

OOB email notification template above; the notifications are customisable based on the requirements.

Watch the video to understand the request approval process in ISVPV


Curious to know about other features? Have a further read on our next blog.

Learn More at:
IBM Security Verify Privilege Vault Product Details
IBM Security Verify Privilege Vault Technical Documentation


For any queries, contact @Sushmita Das / @Sivapatham Muthaiah

0 comments
43 views

Permalink