Make Robust Rules To Automate PAM
What would you rather have: 1 automated request or 100 phone calls?
PAM automation just got easier
AutoElevate is PAM automation for MSPs featuring customized, dynamic, multi-tenant privilege elevation rules. Privilege Access Management (PAM) rules are simple to make, easy to understand, and can be based on a variety of criteria so that you can empower your users to update and run what they need, when they need it.
At AutoElevate we understand that you might hesitate restricting Admin privileges for fear that your clients will experience delays, get frustrated, or have a poor experience? You don’t want to lose your client to another MSP that makes promises of providing better response time and user experience. Or you might have the dread of having to waste time explaining to clients why they can’t have Admin privileges and potentially experience ill will. Combat ALL these reasons that are keeping your client’s insecure with AutoElevate’s cutting-edge rules engine that brings PAM automation to a new level!
Now you can whitelist privileges for specific software publishers, installers, updates, or system actions
AutoElevate allows you to make rules that will automate PAM for specific software vendors, publisher certificates, file hash, or a combination of other criteria which all can be applied against a single machine, group of computers, company, or for all your clients globally. MD5 hash rules can be made on-the-fly in real-time with a single click of your mouse or tap of your finger, or you can make automation rules from captured UAC events collected by our Agents. Details from the verified publisher certificate, file name, and path can be used for PAM automation. Allow approvals or denials to successfully take place regardless of where the file originates and for a wide range of scenarios and requirements.
Core applications and/or updates for applications such as Quickbooks™, Zoom™, or UPS WorldShip™ (or countless others) can be approved. With PAM automation you now have options; you can allow anything from a specific software publisher to run elevated with privileges or you can explicitly examine each installer, application, or update and approve each individually. You have the choice and control at your fingertips with AutoElevate.
Do you manage IT for car dealerships, design houses, accounting/billing departments which need numerous time-consuming, ticket driving updates every week, bi- weekly or monthly? Cut tickets and lose the headache of handling multitudinous updates with AutoElevate.
Experience the security and stability of standard privileges by leveraging whitelisted PAM automation rules with AutoElevate. We take the guess work out of approvals by verifying the publisher certificate, file name, and path so that the approval/denial process becomes a time-saver for technicians and a better user experience for your clients.
See What Your MSP Peers are Saying About AutoElevate
How much does it cost and where do I get it?
AutoElevate is sold exclusively through our Manage Service Provider partners. Use the following links if you would like a partner to contact you with additional details, demo, pricing, or a free trial.
Is AutoElevate hard to deploy?
No. We’ve made it super easy so that it can deployed across your MSP practice in minutes. We’re here to help you every step of the way. AutoElevate is deployed by installing the AEAgent onto workstations. The AEAgent is a small lightweight MSI file which can be deployed silently with just about any RMM tool, System Policies, or manually by your administrators. For your convenience we have published a full set of ConnectWise™ Automate, Kaseya VSA™, Datto RMM™, SyncroMSP™, or PowerShell scripts which can help you deploy the agents throughout your environment within minutes.
How much memory and disk space does the AutoElevate Agent require?
The AutoElevate Agent is very lightweight, consisting of 3 processes that run once a user is logged in. The processes collectively use approximately 40MB of memory and 820KB of disk space. We have not experienced the agent causing any slowness or resource issues and have tested it on machines running with as little as 2GB of memory.
What outbound ports need to be opened on the firewall at our MSP and/or at our client sites?
443 outbound is all that should be required. So if you’re able to go to secure websites you should be OK.
What happens if my technicians don’t respond to a client request before the timer is up?
When the end user has made a request and the timer expires, an additional dialog box will appear that states that the technician is evaluating the request, a ticket has been opened and that they will be notified as soon as a technician responds. When a technician does respond, a new notification appears for the user telling them their request has been approved or denied and allowing them to continue the installation or with additional ticket information.
Does AutoElevate enter in my admin password for end users?
No. AutoElevate does not store, use, or modify your Admin credentials. AutoElevate gives you the choice on any rule or elevation request to use either an ‘over-the-shoulder’ style Admin elevation or to elevate with the context of the currently logged in user. AutoElevate interacts with the UAC directly when an elevation of an approved process is required, allowing for compatibility and elevation of complex applications. Credentials are not stored in a database or transmitted over the network making security tighter, faster, and easier to manage.
How does AutoElevate work?
AutoElevate automates Windows UAC prompts for MSPs. Our software Agent service works in the background to apply proactive elevation rules to each UAC event or to notify a technician through one of our PSA ticketing integrations, Windows notifications, or via our AutoElevate Mobile App (or all 3). Technicians can quickly and easily evaluate the request and build rules to either accept or deny the requested installer, application, update, or system action which can be allowed just one time, for just this single computer, for a group of computers, a whole client, or for all of the computers under your management. For more detailed information on how the AutoElevate system works please sign-up and visit our support site.
Are approvals app based or version based?
Approvals can be done based on either MD5 hash or a combination of information from the verified publisher certificate, name, and path. By identifying the file in these various ways, approvals or denials can successfully take place regardless of where the file originates and for a wide range of scenarios and requirements. Core applications and/or updates for applications such as Quickbooks™, Zoom™, or UPS WorldShip™ (or countless others) can be approved. With PAM automation you now have options.
Will adjustments need to be made to our installed antivirus?
None. AutoElevate works well with other solutions in your solution stack.
Am I charged for extra technicians?
With the release of the Enhanced Technician Mode features in 2020 each agent tier includes a corresponding number of technician user licenses with some licensing tiers including unlimited technician users. Currently, to have additional user licenses requires moving into a higher tier which includes the desired number of User (technician) licenses.
Who receives the notifications from end users?
All technicians that have the Mobile Notification app installed will receive notifications from your clients. They can quiet the notifications by adjusting notifications on their phones.
MSPs that use PSA ticketing integration (Autotask PSA, ConnectWise Manage, Kaseya BMS, & Syncro) can view notifications and approve or deny elevation requests directly in their PSA tickets. Tickets generated by AutoElevate have custom statuses which can be used to build customized notifications from within the ticketing systems. Requests can also be viewed and responded to from within the Admin Portal.
By enabling browser notifications technicians have easy 1-click access to approve or deny requests and receive notifications on their macOS or Windows computer desktops directly.
Do I have to have my own on-premise server?
No. AutoElevate is a cloud based service and software platform. All you have to have to get started is a license key and instructions. We maintain the server, the mobile apps, security, updates, and web portals.