A device may authenticate a user for access to a plurality of target systems. The device may provide information identifying the plurality of target systems. The device may receive information associated with a request for access to one or more target systems of the plurality of target systems. The device may determine whether the request for access complies with one or more policies associated with the one or more target systems. The device may deny the request for access. Denying the request for access may include foregoing providing access to the one or more target systems. The device may receive information associated with an escalation of the request for access based on denying the request for access. The device may provide access to the one or more target systems based on the information associated with the escalation of the request for access.