About Segura's ITSM integration

  • 3 minute(s) read
Prev Next

# About Segura's ITSM integration
The ITSM (IT Service Management) integration in Segura is a powerful feature that allows for a direct connection between privileged access management and IT service management systems.

Supported ITSM Solutions

Segura currently supports integration with the following ITSM solutions:

  • ServiceNow.
  • Jira Service Desk.
  • Zendesk.
  • Freshdesk.
  • BMC Helix ITSM (incorporating former Remedy capabilities).
  • CA Service Desk Manager.
  • GLPi ITSM.
  • Zoho (representative of their ITSM solutions, for example, Zoho Desk).
  • Ivanti Neurons for ITSM.

What is the Governance Code?

The Governance Code is a central element in ITSM integration. It’s a unique identifier that:

  • It can be inserted by users in the justification and authorization form.
  • It functions as a connection between the request in Segura and the corresponding ticket in the ITSM system.

How does the integration work?

Below, you can visualize a summary of the workflow for an ITSM integration process on Segura.

Main components

  • Administrator User (Admin): initiates the request process.
  • Request Form: interface for entering the ITSM code.
  • Security System (Segura): verifies credentials and the ITSM code.
  • ITSM Solution: the final system to which access is requested.

Request and Verification Process

  1. The administrator user initiates the process through a request form.
  2. The administrator enters the ITSM code in the form.

Security Verification

  1. The ITSM code is sent to the Segura system.
  2. Segura requests additional credentials for authentication.

Authentication in the ITSM Solution

  1. Segura communicates with the ITSM Solution.
  2. Segura verifies if the provided ITSM code exists and is valid in the ITSM Solution.

Confirmation and Authorization

  1. If the code is valid, Segura receives a confirmation.
    1. You can also view the status of the ticket, except for integration with Jira Service Desk Manager.
  2. The system then authorizes the user to proceed.

Access Granted

After a successful verification, the user is granted access to the ITSM Solution.

Security Aspects

  • Multiple Authentication Layers: the process involves both the ITSM code and additional credentials.
  • Centralized Verification: Segura acts as a central point for verification and access control.
  • Separation of Responsibilities: the request form, security system, and ITSM solution are distinct components, increasing security.

Enforcement of Allowable Time Windows for Privileged Access via ITSM

Segura enforces strict time-based controls for privileged access requests integrated with ITSM solutions. When an ITSM ticket is used to request privileged activity (such as session initiation or credential checkout), Segura automatically synchronizes with the start and end times—or other approved time window—defined in the ITSM ticket. All privileged activities managed through ITSM workflows are restricted to this approved window:

  • Initiating or continuing any privileged session or task outside the authorized timeframe is automatically denied or terminated by the platform.
  • If a privileged session is ongoing as the time window closes, Segura will force session termination in accordance with the policy.
  • All attempts to bypass or operate outside the approved window are fully logged for audit and compliance purposes.

This enforcement mechanism ensures that privileged activities are always linked to active, approved ITSM requests, maintaining compliance and minimizing risk.

Benefits of ITSM Integration

  • Enhanced Security: ensures that privileged accesses are always associated with approved service tickets.
  • Improved Auditing: facilitates tracking privileged accesses to corresponding service tickets.
  • Compliance: helps maintain compliance with security policies and regulations.
  • Efficiency: automates the authorization verification process, reducing manual errors.

How to make the Governance Code mandatory

You can make the Governance Code mandatory to guarantee that all privileged access requests are associated with an ITSM ticket.

  1. Go to: PAM core > Settings > Access > Access groups.
  2. Create a new group or edit an existing one.
  3. In the Settings tab, in the Access request settings section, select Yes in the Mandatory to specify governance code when justifying? field.

Conclusion

The ITSM integration in Segura offers an additional layer of security and control over privileged access. By linking access requests to valid ITSM tickets, organizations can ensure that all privileged accesses are properly authorized, documented, and auditable. This improves security and helps maintain compliance with various regulations and security policies.