What is Admin On-demand?

How to use Admin On-Demand?

IT administrators face a classic dilemma in managing macOS devices: how to grant users the necessary permissions to do their jobs without compromising system security. The traditional approach of providing permanent administrator accounts opens potential vulnerabilities and adds to the IT workload. Mosyle Admin On-Demand aims to tackle this problem with an elegant and automated solution.

The Challenge of Privileged Accounts

Unrestricted administrator access on macOS devices poses several risks:

• Accidental Damage: Users with admin rights can inadvertently change critical system settings, leading to instability or malfunctions.
• Malware Exploitation: Malware that gains access to a user account with admin rights can have devastating consequences, from data theft to system-wide compromise.
• Compliance Issues: Many security regulations and standards discourage users from using permanent admin accounts.

Purple Computing's Solution: Mosyle Admin On-Demand

Mosyle Admin On-Demand turns the traditional model on its head. Here's how it works:

• Least Privilege as Default: Users operate their Macs with standard, non-admin accounts by default. This significantly minimises the risks outlined above.
• Just-in-Time Elevation: When a user needs to perform a task requiring admin rights (installing software, modifying system settings), they can request temporary admin privileges through a simple interface.
• Automated Timeouts: Mosyle grants admin rights for a designated period (customisable by the IT team) and then automatically revokes these rights.
• Action Logging: Every action performed while the user has admin privileges is logged, ensuring accountability and providing a valuable resource for audits or troubleshooting.

Benefits for IT and Users

Mosyle Admin On-Demand delivers a win-win scenario for both IT administrators and end-users:

• Security Boost: Reduced attack surface, aiding in compliance efforts.
• Streamlined Administration: No more manual toggling of user privileges, freeing up valuable IT time.
• User Empowerment: Employees don't need to wait for IT help when they require admin rights for legitimate tasks.

In the Real World

Imagine this scenario: an employee needs to install approved software. Instead of contacting IT, they self-request admin access through Mosyle, provide a reason for the request, install the software, and have their admin rights expire within a preset timeframe. It's efficient, secure, and promotes a more seamless user experience.

The Bottom Line

Mosyle Admin On-Demand offers a clever solution for organisations wanting to tighten their macOS security posture without hindering user productivity. Automating privilege management and providing a user-friendly system for access requests strike the ideal balance for the modern workplace.

Find out more about how Purple can help!