How to configure access policies with session recording

  • 2 minute(s) read
Prev Next

This document describes how to create and configure access policies in EPM macOS for devices running the macOS operating system. Access policies define the actions that are allowed or blocked for applications and commands, and also enable the activation of session recording for audit purposes.

How to access access policies

  1. On Segura, in the products menu, go to EPM > Policies > MacOS > Access policies.
  2. Click the Add button in the upper right corner.

At the Segregation step, select one of the available segregation types:

  • General: select whether the access list should apply to all devices with EPM macOS installed.
  • Device: select whether the access list should apply to a specific list of devices to be selected.
  • Users: select whether the access list should apply to a specific list of users to be selected.

At the General step, fill out the following fields:

  1. Category: select the policy type (e.g., Applications).

  2. Name: enter a name that identifies the policy.

  3. Status: define whether the policy will be active or inactive.

  4. Action: choose the action to be applied (allow, block, request approval, etc.).

  5. Click Continue to proceed to the applications tab.

In the Applications tab, you can define:

  • The policy application strategy.
  • The rule matching criteria.
  • Whether you want to record session for these applications.

How to enable session recording

To record user activity when running an application with elevated privileges:

  1. Enable the Record session for these applications option.

    1. Select Enabled.

After configuring the policy details and defining the applications and rules, review the data entered in the Review tab and click Save.
The new policy will be listed on the main screen of access policies for macOS.

Info

To apply the policy to a specific group, use Segregation by user, device, or general.

How to access the recorded session

  1. On Segura, in the navigation bar, hover over the Products menu and select PAM Core.
  2. In the side menu, select Audit > Sessions > Remote Sessions.
  3. Use the available fields to filter the recording.
  4. In the Actions dropdown menu, select the Video of session option.
  5. In the session video report, click the Generate video for download button.
  6. A message will indicate that the video will be generated. Wait a moment until the download button is available. Once the video is ready for download, you can download the session video to your computer.
  7. Alternatively, you can stream the video session by clicking the Video button.