UAC Elevation Automation and Control
This demonstration walks through ScreenConnect's Privileged Access Management (PAM) capabilities, focusing on User Account Control (UAC) elevation handling. The system injects itself into Windows UAC prompts, allowing technicians to approve or deny elevation requests remotely. A key feature is the VirusTotal integration that scans executables against approximately 80 antivirus engines before approval. The platform enables rule creation based on conditions, automating future approvals for trusted applications. This eliminates repetitive manual approvals while maintaining security oversight through detailed logging and notification systems.
Ephemeral Admin Access and Security Dashboard
The second component creates temporary local administrator accounts using 256-character AES-encrypted passwords for technician access. This passwordless administrative logon appears on the Windows lock screen and requires approval before granting access, adhering to least privilege principles. Credentials are automatically removed after session completion. The administrative dashboard provides analytics on elevation prompts, admin logons, PAM-enabled endpoints, and application-level approval patterns. This data helps identify opportunities for rule automation, such as creating auto-approval rules for frequently requested applications like Adobe Creative Cloud.
