Temporary Permissions

This feature allows you to grant temporary permissions to users who cannot connect to the Endpoint Security Server to receive an updated policy. If a user is in the field and has an unanticipated need for device access, this feature allows you to grant specific permissions.

This process involves a challenge/response between the user and you to confirm that the request is valid. The user selects Request Temporary Access Offline from the system tray icon and completes a wizard. When the user completes the wizard, it provides them with a client key. The user then reads that key to you.

You, the administrator, can access this feature by using the Grant Temporary Permissions wizard (Tools > Device Control > Grant Temporary Permissions). While you complete the wizard, use the same exact settings that the end user used, including:

• Device class
• Permissions requested
• Duration of the permissions
• User the permissions are for

The end user can only select their own account or the Everyone account. You, the administrator, can choose other accounts. However, since your settings and the user's settings must be identical, you must select either the end user account or the Everyone account to grant the permissions.

The user reads you the client key, and you enter it in the Endpoint Security console. You then generate an unlock code and read it to the user, who enters it on the client. The user is then granted the specified permissions.