- Project Lead Chase Olson
- Client Celestica
- Date Sep 2024 - Oct 2024
- Coffee Consumed 130 Cups
Led the implementation of Microsoft Endpoint Privilege Management (EPM) to enhance endpoint security by managing user privileges and reducing risks associated with excessive administrative rights for a client.
- EPM Strategy: Developed a strategy focusing on just-in-time (JIT) elevation of privileges, ensuring users received only the necessary access to perform tasks without full-time admin rights.
- Policy Creation: Configured policies to manage temporary privilege elevation for specific tasks. Implemented approval workflows to ensure elevated rights were granted only when needed, reducing the attack surface.
- Role-Based Privilege Management: Assigned privileges based on job roles, supporting the principle of least privilege and limiting access to essential functions only.
- Application Elevation Control: Enabled certain applications to run with elevated privileges while maintaining standard user accounts. This reduced the need for full-time admin accounts, improving security without disrupting productivity.
- Auditing and Monitoring: Configured EPM to log and monitor privilege requests and activities on endpoints. Set up alerts for unusual escalations, ensuring real-time monitoring.
- User Training: Trained IT staff and users on managing elevated privileges. Developed guides to help employees navigate the EPM process effectively.
- Security and Compliance: Aligned privilege management activities with security best practices and compliance regulations. Enforced time-limited privileges to reduce unauthorized access risks.
- Improved Security: Enhanced endpoint security by minimizing permanent admin accounts and controlling privilege escalations, reducing the likelihood of malware installation through unnecessary admin access.