Trustus AAM
Service Management
(SM)
Absolute Control Over the Access Lifecycle
Trustus Service Management (SM) is the critical security layer that ensures
your access policies are enforced the moment a status changes.
Instant, granular control to manage, revoke, and reinstate
application access across your entire IT environment.
We manage the full lifecycle and status of application permissions with
precision, **realizing** immediate security containment and operational
resilience.
Temporary Revocation of Application Access
Protect data integrity and contain threats instantly by cutting off access the moment risk is detected.
Triggering Scenarios (The Why)
**Identified or Suspected Breach:** Immediate, high-stakes containment to stop an in-progress attack and prevent lateral movement.
**Lost or Compromised Device:** Instant revocation when a device (laptop, phone) is reported lost to prevent unauthorized access via cached credentials.
**Routine Maintenance:** Scheduled downtime for critical application maintenance or upgrades requires temporary revocation for all non-essential users.
Key Characteristics (The What)
**Immediate & Real-Time:** Executed instantly for one to many users to contain a threat or enforce a maintenance window.
**Preservation:** The underlying user account and long-term permissions remain intact, allowing for a swift "all-clear" reinstatement.
**Context-Driven:** Access is cut until the device is confirmed as wiped or the user can authenticate from a known, secure device.
Permanent Revocation of Application Access
Ensure compliance and eliminate insider threat risk by executing final, irreversible access termination.
Triggering Scenarios (The Why)
**Employee Termination:** Immediate and permanent revocation of all application access as part of the off-boarding process to eliminate insider threat risk.
**End of Vendor/Partner Contract:** Definitive termination for non-employee entities (service accounts, vendor users) at the end of their authorized contract period.
Key Characteristics (The What)
**Final & Irreversible:** Access is terminated across the entire AAM platform for that specific identity.
**Driven by HR Events:** Typically triggered instantly by an official change in Human Resources status, ensuring zero
access lag.
**Granted Privilege Enforcement:** Ensures that access is not retained long after the job function or contract requires it.
Reinstatement of Application Access
Maintain operational flow by restoring service quickly and securely, only after verification.
Return-to-Service Scenarios (The Why)
**"All Clear" after a Security Event:** Access is restored after the account is audited, the device is confirmed secure, and the root cause of the temporary revocation is resolved.
**End of Maintenance Window:** Access is seamlessly re-enabled for all users after routine maintenance is successfully completed and applications are confirmed operational.
Key Characteristics (The What)
**Policy-Verified:** Access is only restored after a formal security or operational check has been successfully completed.
**Requires Verification:** Ensures the root cause of the revocation (e.g., a lost phone) has been fully resolved before service is restored.
**Seamless Return to Service:** Allows users to resume work with minimal friction once the operational constraint is lifted, maximizing productivity.
