AutoElevate is a patent pending, cost effective way to secure your clients by managing admin privileges.
In one touch...
- Secure your client's servers & workstations
- Improve your service by fixing a critical customer pain point
- Increase technician performance
- Achieve uncompromising service in a more secure environment
Better Security Better Experience
You'll love what we do.
MSPs - THE NEW TARGET
Increasing trends show that MSPs are actively being targeted by malicious actors who are seeking to compromise large numbers of computers. In many cases attacks occurred across multiple MSPs affecting ALL of their clients simultaneously. Forensic analysis of these attacks revealed that compromised MSPs were breached using relatively un-sophisticated methods which could have been avoided with basic best practices such as password hygiene, 2FA, basic security settings, and only allowing users to operate with Standard privileges.
SECURITY IS ONLY AS STRONG AS THE WEAKEST LINK
Restricting Admin accounts will enhance all your cybersecurity efforts and is one of the best ways to help stop malware and thwart attackers. Some estimates say that having users run with Standard privileges can help mitigate 94% or more of Microsoft vulnerabilities.
Can you afford ALL your clients to be victimized with a data breach? Can you afford to ignore privilege management which could easily tighten your security?
Often MSPs don’t remove Admin privileges because of the possibility of it leading to productivity issues that would frustrate users when privileges are needed most.
AutoElevate easily secures users across all of your client environments within a few short minutes seamlessly without anyone losing productivity.
Free Fully Functional Trial For Managed Service Providers
Sign up for your fully functional NFR version of AutoElevate
UPGRADE SECURITY FOR ALL YOUR CLIENTS IN A FEW CLICKS
Elevation requests are automatically checked against the VirusTotal database and then summarized, color coded, and at the fingertips of your engineers so they can make informed decisions quickly.
Least Privilege 'Baked-in'
Elevation of approved applications and actions happen automatically using principles of ‘least privilege’. Elevation can occur as either an Admin account, User account, or as the System depending on the circumstances.
Audit & Remediation
In a few clicks find and fix machines that have the UAC turned off or set too low across all your clients. Additional UAC settings are incorporated to harden and improve UAC security.
Removes Admin Privileges
Automatically convert local admin users to standard users in a matter of minutes WITHOUT frustrating users or having them lose productivity.
Fully Customize User Access
Control elevation of Application & MSI installs, usage of new or legacy applications requiring Admin privileges, protected system actions, Comm objects (CLSIDs), and MMC plugins on the entire family of Microsoft Windows workstation and server operating systems.
NOT Dependent Upon Active Directory
Elevation is not dependent upon AD membership and works on computers that are stand-alone, workgroup, or joined to a domain.
With Only 1 Touch Your Engineering Staff Can:
Elevate privileges for the requested application or action
Allows your users to stay efficient & productive and offloads work from your engineering staff
We Don’t Forget the Details
We all hate paperwork and usually forget to do it but now that’s not a problem. Detailed information about what was requested, by whom, on what machine, security disposition, status, outcome, and all the other details are recorded for you automatically.
Now you won’t have to stress about losing track of your client interactions because each request generates a ticket in your ticketing system automatically. It’s all done for you.
Communicate Status Back To Client Computer
Keeps your client informed and eliminates phones calls and remote sessions.
Time Entry On Ticket
Each technician response generates a time entry automatically as part of the natural workflow. Now your technicians can respond to client requests even when they are mobile without letting billable hours get lost.
Make rules which will automate future requests for other users
With each approval or denial the technician can select whether the same action should apply in just this single instance or as an ongoing rule for the computer, location, company, or the entire MSP practice.
EXPERTLY CRAFTED SOFTWARE DESIGNED SPECIFICALLY FOR MSPs:
White-label Branded Solution
Client facing dialog boxes and communication are customizable with your brand.
Sold to end user companies only through our MSP partner companies.
Meet Security & Compliance goals in minutes not days, weeks, or months
The Admin Portal allows you to sort, filter, and group information for a particular computer, location, company, or your entire practice allowing you to quickly identify areas for improvement and take action. Immediately put that plan into action by turning Windows UAC on/off, changing UAC levels, or building privilege elevation rule sets based on real-time information in just a few clicks.
Silent Discovery & Audit
AutoElevate is lightweight and deploys quickly and silently in ‘Audit Mode’. Within minutes of deployment you’ll have actionable information about user privileges and privilege events that is easy to understand right at your fingertips.
Manage Privileges From Your Favorite Browser And Device
Approve or deny elevation requests, make rules, look at elevation events, harden client computers, and more - all from your favorite browser.
PSA & RMM Ready
AutoElevate was built from the ground up with integration to the most popular PSA and RMM solutions in mind. ConnectWise Automate® and ConnectWise Manage®, Autotask PSA®, & Kaseya BMS® are currently integrated with more on the way soon. AutoElevate will fit seamlessly into your workflow.
This is an excellent product that is saving us time, creating efficiencies around operations and most of all securing our clients environments. Ever get the call from the business owner that "needs" local admin rights to install software whenever he wants? This provides a solution for that - a good one.
Auto Elevate is a great tool that instantly lowered calls for basic installs to our helpdesk. It allowed us to resolve some issues with certain client apps requiring local admin as well. The integration works great with our triage & helpdesk process. Todd & the team are also VERY responsive which is nice for something that has become part of our core stack.
NOW THERE IS A WAY TO MANAGE ADMIN PRIVILEGES THAT WON’T MAKE YOUR CLIENTS HATE YOU
No more building complicated policies, rolling a truck to stand over your client’s shoulder and enter admin credentials, or having to coordinate a good time to remote into their machines.
“AutoElevate is like remote control + auto-pilot for end user privileges rolled into one”
Privilege management for MSPs has to be easy, keep clients happy, provide instant ROI, and not just be one more complicated and expensive system to manage.
Now with AutoElevate’s patent-pending Real-Time Privilege Management system that goal can be a reality.
Finally, there is a way to keep your client environments secure, keep end users happy, reduce risk for your practice, and reduce workload on your technicians.
Free Fully Functional Trial For Managed Service Providers
Sign up for your fully functional NFR version of AutoElevate
DO YOU HAVE ANY QUESTIONS?
How much does it cost and where do I get it?
AutoElevate is sold exclusively through its Manage Service Provider partners. If you would like a partner to contact you with additional details, demo, pricing, or a free trial please go here.
Is AutoElevate hard to deploy?
No. We’ve made it super easy so that it can deployed across your MSP practice in minutes. We’re here to help you every step of the way. AutoElevate is deployed by installing the AEAgent onto workstations. The AEAgent is a small lightweight MSI file which can be deployed silently with just about any RMM tool, System Policies, or manually by your administrators. For your convenience we have published a full set of Labtech scripts which can help you deploy the agents throughout your environment within minutes.
How much memory and disk space does the AutoElevate Agent require?
The AutoElevate Agent is very lightweight. It consists of 3 processes that run once a user is logged in. the processes collectively use approximately 40MB of memory and 820KB of disk space. We have not experienced the agent causing any slowness or resource issues and have tested it on machines running with as little as 2GB of memory.
What outbound ports need to be opened on the firewall at our MSP and/or at our client sites?
443 outbound is all that should be required. So if you’re able to go to secure websites you should be OK.
Is AutoElevate available for macOS?
No. We are currently evaluating the need for macOS compatibility from our MSPs. If you are interested in this functionality please follow the subject in our Feature requests section, comment, and vote. We want to focus our development time and money on areas that matter to you most.
What happens if my technicians don’t respond to a client request before the timer is up?
When the end user has made a request and the timer expires, an additional dialog box will appear that states that the technician is evaluating the request, a ticket has been opened and that they will be notified as soon as a technician responds. When a technician does respond, a new notification appears for the user telling them their request has been approved or denied and allowing them to continue the installation or with additional ticket information.
Does AutoElevate enter in my admin password for end users?
Standard operation is for the process token to be re-launched with elevated credentials and for no credentials to be used or generated. Once a rule has been established, an individual rule can be changed to use “Password Mode” which generates and inserts credentials into the UAC windows instead of elevating the process token. This allows for compatibility for certain complex applications. With Password Mode credentials are generated randomly at the beginning of an elevation approval, then once again randomized, and then extinguished at the end of the process. In either case, using the standard mode or Password Mode, credentials are not stored in a database and a store of credentials is not maintained, making security tighter, faster, and easier to manage.
How does AutoElevate work?
AutoElevate has an Agent service that runs on each workstation and monitors for UAC (Windows requests for username/password) events on the client machine. It works in the background to apply proactive rules to each request or to notify a technician via our AutoElevate Mobile App. Technicians with the Notification App can quickly and easily evaluate the request and build rules to either accept or deny the requested MD5 hash to be allowed one time only, just this computer, this location, client, or for the entire MSP practice. For more detailed information on how the AutoElevate system works please sign-up and visit our support site.
Are approvals app based or version based?
Files are identified with a unique MD5 hash. By identifying the file in this way, approvals or denials can successfully take place regardless of where the file originates. Because each file is uniquely identified, each update needs to be examined and either approved or denied at least one time. Therefore a core application such as Quickbooks can be approved, but each new updates to Quickbooks would have to be explicitly examined and approved for the system to automatically elevate those requests.
Will adjustments need to be made to our installed antivirus?
So far the only antivirus that has been reported to need an exception rule made to allow AutoElevate to run is Trend Micro. Others that we are aware of require no adjustment whatsoever. Trend Micro has in some cases blocked us because our software is unknown. Likely as our Agent software becomes more widely distributed and known, the need to make any kind of special exception or rule will diminish.
Am I charged for extra technicians?
No. You can have as many technicians using the system as you desire. The monthly charge is based upon the number of Agents that are registered and active on machines.
Who receives the notifications from end users?
All technicians that have the Mobile Notification app installed will receive notifications from your clients. They can quiet the notifications by adjusting notifications on their phones.
MSPs that use PSA ticketing integration (Autotask PSA, ConnectWise Manage, Kaseya BMS) can view notifications and approve or deny elevation requests directly in their PSA tickets. Tickets generated by AutoElevate have custom statuses which can be used to build customized notifications from within the ticketing systems. Requests can also be viewed and responded to from within the Admin Portal.
By enabling browser notifications technicians have easy 1-click access to approve or deny requests and receive notifications on their macOS or Windows computer desktops directly.
Do I have to have my own on-premise server?
No. AutoElevate is a cloud based service and software platform. All you have to have to get started is a license key and instructions. We maintain the server, the mobile apps, security, updates, and web portals.