Introduction
As part of our ongoing commitment to improving IT security at PLNU, we will soon deploy a tool called Admin By Request to university computers with local admin accounts.
Admin By Request provides a secure, request-based method for gaining administrative access when needed. This ensures that you can complete essential tasks while helping protect the broader university computing environment.
In connection with the rollout of this new tool, we will also be removing local admin accounts in January 2026. Removing standard administrative access is driven by findings from our annual IT risk assessments, which identified that permanent local administrator accounts pose a significant security risk. If exploited, administrator privileges can be used by malware or threat actors to compromise systems, access sensitive data, or disrupt university operations.
ITS and various users across multiple departments have been using Admin By Request for the past year to manage our own administrative access using the same process you will soon experience. It has allowed us to complete our work effectively while maintaining improved security.
Admin By Request will be installed on computers beginning the week of November 11. Existing local admin access will remain in place until January 2026, at which point it will be removed. Please use the time between now and then to become familiar with the new request process.
For instructions on requesting admin access, visit: Using Admin By Request for Application Installation and Admin Access
Frequently Asked Questions (FAQ)
What is Admin By Request?
Admin By Request is a tool that lets you request administrative privileges only when needed. This eliminates the need for permanent local administrator accounts while still allowing flexibility when required.
Why is PLNU making this change?
Permanent admin accounts are a known security risk. If compromised, they can be used to access sensitive data or interfere with university systems. This change addresses those risks and aligns with best practices in higher education cybersecurity.
How will this impact my daily work?
Most users will not notice much change. If you need admin rights to install or update software, Admin By Request allows you to request access for that task. You’ll be able to work as usual, but in a more secure environment.
How do I request to run an application with admin privileges?
You can follow the step-by-step guide here: Using Admin By Request for Application Installation and Admin Access.
What happens after I make a request?
Most application requests are either auto-approved or quickly reviewed. Once a specific application is approved five times, it becomes auto-approved for future use.
What if I need admin access after hours?
If your request is urgent and requires approval outside regular business hours, contact the solution center and follow the procedure to request an on-call response. You will receive a call back within 1 hour.
Will I still have admin access for now?
Yes. You will retain your local administrator account until January 2026. This gives you time to learn the new process and report any issues while maintaining your current access.
Can I request admin access for any software?
Requests should relate to your academic, research, or job-related responsibilities. Non-essential or personal applications may be denied.
What if Admin By Request does not meet my needs?
We are committed to working with you. If a request cannot be fulfilled through Admin By Request and no technical or procedural workaround is available, the InfoSec team will collaborate with you to find a suitable alternative.