Abstract: A system and method is described that reduces a likelihood that a privileged account at a system (e.g., device, network, and/or application) for a user is compromised. For example, the privileged account for the user at the system is disabled in response to being created. The user can provide a request for at least one elevated right at the system corresponding to a request to use the privileged account at the system. An identity of the user is authenticated in response to receiving the request to confirm that the user is requesting the privileged account at the system. The privileged account for the user is enabled at the system to allow the user to perform at least one action that the user was not previously allowed to perform.

Abstract: Systems and methods include a computer-implemented method for multi-stage approval. Approval scenarios are defined that include four stages including a requestor review stage, a requestor management approval stage, an owner approval stage, and a processing stage. A custom proponent code authority is generated for each principal or collection of principals to manage access and roles under their jurisdiction. The custom proponent code authority is generated for each approval scenario through a centralized identity and access management system. A requester review is performed on a request received from a requestor. The requester review is performed using a decentralized approval process. A requestor management approval of the request is performed in the requestor management approval stage. An owner approval is performed in the owner approval stage by an owner associated with owner role names mapped to role suffixes. The owner approval authorizes further processing or access to at least one resource.

Abstract: The present disclosure describes a computer-implemented method that includes: detecting an incident that an outbound email violates a data leakage prevention (DLP) rule of an enterprise, wherein the DLP rule specifies contents that are reserved for within the enterprise; automatically alerting one or more members of the enterprise of the incident based on a report detailing the incident; and receiving a response from each of the one or more members of the enterprise.