JIT Policies are used to control access to application accounts and manage that access for your company’s users (employees, contractors, third parties and customers). There are a number of use cases for a variety of industries in which Cyber Policies provide solutions to solve problems. This document will outline each of the Cyber Policy types available to you and will define how to create, use, and manage cyber policies using the Next Level3 Company Portal.
Accessing JIT Policies
Requirements: Admin Level Next Level3 Company Account Access.
Login to company.nextlevel3.com and navigate to “Management” –> “Cyber Policies”.
JIT Policy Creation
Currently, there are three policy types supported by the Next Level3 Cloud Identity JIT Access platform including;
- Scheduled Policies – Policies triggered at a scheduled time.
- Multi-Approval Policies – Policies requiring more than one user to approve unlocking an account prior to account unlock.
- Alert Policies – Policies that are triggered when an alert occurs from an external system such as an EDR, IDR, SIEM tools, or other alert eventing system.
Scheduled policies are used to lock and unlock accounts at a specific time. They can be scheduled to run starting on a specific date and can optionally have an end date. To create a new scheduled policy, click the add new policy button in the Policy Manager.
This will create a new policy and allow you to specify the following;
- Policy Type: Scheduled Policy
- Policy Name: Friendly name for the policy you are creating.
- Start Date: The date the policy will take action.
- End Date: Optional End date. If you do not want an end date, select the No End Date check box.
- Frequency: Frequency at which this policy will be evaluated. (Daily, Weekly, Weekdays, BiWeekly, Monthly, Annually)
- Action – Action the policy will take when applied
- Allow Accounts to be Unlocked – This action will Lock Accounts but allow users to override this lock by approving an Unlock Request from the Next Level3 user portal/mobile app.
- Unlock Accounts – Will set the user’s account status to Unlocked.
- Lock Accounts – Will set the user’s account status to Locked. This will prevent the user from overriding the lock and they will not be able to unlock the account.
- Time: The time that the policy will be executed.
EXAMPLE SCHEDULED POLICY
Applying Scheduled Policies
Once the Scheduled policy is created it can be applied. To apply the policy, you are selecting the list of users/group accounts that the scheduled policy will be applied to. To apply the policy, click the “Assign Groups to Policy” button on the Policy Management page for that policy.
EXAMPLE “ASSIGN GROUPS TO POLICY” ACTION
You will then need to assign users and/or groups to the policy by selecting them in the list to the left and moving them to the right by using the ”>” button or assigning all users and groups by using the ”>>” button.
EXAMPLE SCHEDULED POLICY ASSIGNMENT
Reviewing Activity Logs
All activity for the Next Level3 Cloud Identity products is available for review for administrators with access to the Company Portal. It is also made available via the Cloud Identity API.
Filter By Name: You can filter the current results on the page by username.
Search By Name: You can search the logs of all records by username.