3.8 JIT
Trustle employs the Just-In-Time (JIT) access concept to enhance security by granting users access to necessary resources only when needed and for a limited time. This approach minimizes risks associated with standing privileges and aligns with the principles of Zero Standing Privilege (ZSP) and Least Privileged Access (LPA). Here's a streamlined overview of the process:
Access Request
A user (Principal) requests access to a specific resource, such as a restricted database or administrative settings. This request is made through Trustle's interface.
Manager Approval
The access request is reviewed by an Access Approver, usually the user's manager, who verifies the necessity and appropriateness of the request against security protocols.
Real-Time Access Provisioning
Upon approval, Trustle instantly provisions the access by connecting to the APIs of the relevant systems (e.g., AWS, GitHub, Google Workspace). It uses secure API calls to adjust the user’s permissions or group memberships directly in these systems.
Access Revocation
JIT access is temporary. Trustle automatically revokes access once the approved period expires or the task is completed, using the same APIs to revert permissions to their previous state.
Continuous Monitoring
All actions, from request to revocation, are monitored and logged by Trustle. Notifications are sent to stakeholders when access changes occur, ensuring all adjustments are transparent and traceable.
This efficient use of JIT through API integrations allows Trustle to manage access securely, maintain compliance, and reduce organizational risk while supporting the flexibility required by modern enterprises.