Elevation Policies

Distinct from allow policies where applications are simply allowed to run with default user level privileges, an Elevation Policy will apply Administrator credentials to specified applications. This type of policy is often paired with allowlisting to save IT Administrators time when many employees must perform trusted tasks that require Administrator credentials to complete, like installing a trusted application (Adobe) or device (printer).

In Verify Privilege Manager v10.7 the Restrict File Dialogs action has been added to the product. IBM Security recommends using this action on elevation policies to prevent the misuse of file open and save dialogs for elevated applications.

Topics in this section:

• Setting up ActiveX Policies
• UAC Override Policy
• Elevate Applications launched from Network Share Policy
• Elevate msi launched from a Network Share
• Elevate Applications whose Execution Requires Approval
• Elevate Applications that Require User Justification
• MS Visual Studio Installations - Filters and policy now provided via Configuration Feeds. Refer to Config Feeds for download and installation information.