Recently, we announced a new role for WithSecure Elements called “Identity and Access Management (IAM)”.
We are happy to announce that this role can now be claimed by existing users who already have full administration rights to all organization resources. This "claim" functionality will be available until 30 April 2025.
After April 2025 all IAM related activities, such as account creation or assigning roles, will only be available for users who have the new IAM role. To get the IAM role after April 2025, customers should contact their WithSecure Sales partner in the first instance, or WithSecure Support.
When a user logs into the WithSecure Elements Security Center, the system will check if they already have the needed access rights, and will be prompted to “claim” the new IAM role where applicable.
By clicking on “Claim”, they will be granted the new role. Once claimed, the prompt will not be shown for that user again.
If you are not eligible for IAM administrator, for example because of your company policy. click Decline.
Recommendations
As the new IAM role is very powerful, and is used to control access to other roles in the future, there are some things that should be done.
Create (or review) organization policies on user management
As the owner of the IAM role is all-powerful, and able to define who in the organization can perform which tasks, it is important to create and maintain a good policy on who is allowed to do what within Elements.
Claim (or grant) the IAM role for the appropriate people
Once the organization has a policy on granting access to their users, the designated people should claim the IAM role on login. The list of role assignments should be reviewed periodically, adding or removing people from the IAM role as needed.
For more information on the IAM role, please visit the original announcement, or check the User Guide.