6 Glossary

The following terms and definitions are used in this document.

Term	Short for	Definition
API	Application Programming Interface	A a set of rules, protocols, and tools that allows different software applications to communicate with each other.
BC / DR	Business Continuity / Disaster Recovery	A plan consisting of the set of policies, processes and procedures that enable a business to minimize the negative effects of a disaster and remain operational during and following its occurrence.
DNS	Domain Name System	The Internet's "phone book," translating human-friendly domain names like google.com into numerical IP addresses that computers use to locate each other.
DPA	Data Processing Agreement	Admin By Request's main contractual specification of its obligations to customers.
DPO	Data Protection Officer	The role at Admin By Request responsible for data protection and ensuring compliance with data privacy regulations like the GDPR.
GDPR	General Data Protection Regulation	The primary European specification for ensuring compliance with data privacy and security regulations.
Microsoft Azure SQL	Microsoft Azure SQL	A cloud-based family of database management products developed by Microsoft.
OPSWAT	OPSWAT	Us-based software company that develops and sells MetaDefender.
RTO	Recovery Time Objective	The amount of time within which an organization’s processes, systems and/or applications must be restored in order to avoid significant damage to the business.
SIEM	Security Information and Event Management	A subsection within the field of computer security, where software products and services combine security information management (SIM) and security event management (SEM).
SQL	Structured Query Language	Language used for managing data in relational database management systems. Often incorporated into product names (e.g. Microsoft Azure SQL).
SSL	Secure Sockets Layer	A computing protocol that ensures the security of data sent via the internet by using encryption.

Related FAQ

Can I add my company logo (if so, where)?

You can add your company logo to both the portal and the dialog boxes that users see on their endpoints. The setting is in the portal at Endpoint Privilege Management > Settings > Windows Settings > Endpoint > BRANDING.

Refer to Branding tab under Windows Settings for more information.

How do I let users keep full access, but log what they do?

Allowing your users to retain full access rights is equivalent to turning off all Admin By Request's protections.

IMPORTANT

Turning off everything effectively means giving users back their local admin rights. Think about this carefully before doing it.

To turn off everything except logging actions to the Auditlog, you need to:

Authorization: turn On Allow Run As Admin and turn Off all other toggles
Authorization: turn On Allow Admin Sessions and turn Off all other toggles.
Authorization: make the Access time (minutes) a large number that covers most of the day. For example, 480 minutes (8 hours).
Lockdown: turn Off Revoke admin rights.

For more information, refer to Authorization tab under Windows Settings.

You can also check out the WHIZ usage persona for a 10-minute video on how to accommodate developers or power users.

How do I pre-approve an app using the Auditlog?

Admin By Request allows for quick pre-approval of trusted applications from the Auditlog. Pre-Approval is based on the application vendor or checksum, visible when the Application Control screen is displayed (step 3 below).

NOTE

At the time of writing, pre-approval from the Auditlog is not available for Linux clients.

Once an application has been installed on an endpoint with Admin By Request:

Log in to the portal and navigate to the application’s corresponding entry in the portal Auditlog.
Expand on the application entry, and select Pre-approve this file under Actions:
On the Application Control screen, modify any settings as required. For more information on pre-approval settings, refer to the Settings Table below.
Click Save verify that the app has been added to the list of pre-approved applications.

For example, the following applications are pre-approved:

How do I turn off everything except logging?

IMPORTANT

Turning off everything effectively means giving users back their local admin rights. Think about this carefully before doing it.

To turn off everything except logging actions to the Auditlog, you need to:

Authorization: turn On Allow Run As Admin and turn Off all other toggles
Authorization: turn On Allow Admin Sessions and turn Off all other toggles.
Authorization: make the Access time (minutes) a large number that covers most of the day. For example, 480 minutes (8 hours).
Lockdown: turn Off Revoke admin rights.

For more information, refer to Authorization tab under Windows Settings.

You can also check out the WHIZ usage persona for a 10-minute video on how to accommodate developers or power users.