ManageEngine ADSelfService Plus Secures Workstations and Applications with Conditional Access Based on Risk Factors


Helps IT Admins Authorize Resource Access Without Affecting User Experience

With the COVID-19 pandemic mandating employees to adopt teleworking, cybercriminals are actively seeking to exploit vulnerabilities in enterprise environments. For most employees, remote work means they no longer work from their office, but from different locations, devices, and sometimes even different time zones. In such cases, admins need advanced authentication other than employing one set of default authentication techniques such as SMS or email passcodes for all users. They need controls that enable them to trigger different decisions based on a set of pre-defined conditions.

“With so many employees working beyond the corporate firewall, and on devices not under the IT team’s direct control, IT decision makers must rethink their approach to risk reduction for unauthorized access to resources,” said Parthiban Paramasivam, director of product management, ADSelfService Plus. “ADSelfService Plus’ Conditional Access Policy ensures that every access request is judged based on multiple risk factors without impeding employee productivity.”

Step up security using ADSelfService Plus

ADSelfService Plus’ Conditional Access Policy offers a new way of using the already available authenticators including biometrics, YubiKey, and Microsoft Authenticator. It helps admins ensure that only authorized users have access to sensitive data via workstations, applications, and some ADSelfService Plus features including SSO, Self-Service Password Reset and Account Unlock, Change Password and Directory Self-Update. Put simply, conditional access policies help admins to block or grant access to sensitive resources based on multiple pre-defined criteria. ADSelfService Plus’ Conditional Access Policy considers risk factors such as:

  1. User location
  2. IP address range
  3. Device type
  4. Business hours

For example, admins can configure a policy that requires MFA for users, excluding the ones in a specific IP range or in a targeted location. Admins can also combine the enabled conditions using AND, OR and NOT operators to create a condition logic, which decides the validity of the user request. Essentially, ADSelfService Plus’ Conditional Access Policy adds another facet to the user identification process to observe the user access requests and manage access to resources appropriately.

Pricing and Availability

Conditional Access Policy is available immediately in the latest version of ADSelfService Plus. Pricing for ADSelfService Plus starts at $1,195 annually. A fully functional, 30-day trial version is also available for download at

ADSelfService Plus also offers a free edition for up to 50 users. The Free edition supports all the features of the Professional edition, including Conditional Access Policy, single sign-on and password self-service. It can be downloaded at

About ADSelfService Plus

ManageEngine ADSelfService Plus is an integrated Active Directory self-service password management and single sign-on solution. It offers password self-service, password expiration reminders, a self-service directory updater, a multi-platform password synchronizer and single sign-on for cloud applications. ADSelfService Plus also offers both Android and iOS mobile apps to facilitate self-service for end users anywhere, at any time. ADSelfService Plus supports IT help desks by reducing password reset tickets and spares end users the frustration caused by computer downtime. For more information about ADSelfService Plus, visit

Leave a Reply

Your email address will not be published.