As a result of both legislation and an enhanced awareness of security requirements, Enterprises have gone to great lengths to secure critical Infrastructure. Everything from root access delegation and auditing to two-factor authentication systems, SSL VPN’s, and more.
Yet, each and every server within the Enterprise still has the requirement for an Administrative level account plus an associated password. And the more effort you take to protect these systems, the more critical it becomes to secure these Administrative account credentials. That however does not eliminate the need to selectively assign these credentials to administrators when they are needed for system administration.
When queried, companies have a variety of methodologies in place to attempt to manage these credentials. Everything from envelopes in a locked desk drawer, to spreadsheets and more.
Yet, the same legislative requirements that have driven the need to restrict access also delegate the same level of control over these critical administrative credentials. Enterprises must consider each of the following:
- Knowing who had access to administrative credentials, when and for how long?
- The ability to assure that once administrative tasks are completed, the administrators no longer have access.
- Knowing that when administrators leave the company or are reassigned, their server access knowledge does not follow them.
- Knowing that administrative passwords are changed, according to password policy, on a regular yet random basis. Thus, assuring that passwords that may have become compromised are no longer valid.
- Automatically log everything associated with any of the above so that for audit purposes, a complete history log is securely maintained.
By implementing a system such as PassGo’s SafeKeeping, all of the above is accomplished. With SafeKeeping, you can avoid the following scenario…
What happens when infrastructure fails?
It’s gone midnight and your pager goes off. A critical piece of your corporate infrastructure has failed and you have been called in to fix it. After arriving in the data centre, you quickly assess you require administrator access, but don’t have the credentials.
This scenario is just one example of when you require access to shared account credentials in a hurry. Accessing these credentials should not compromise your business security policies, and should be in line with your compliance obligations.
SafeKeeping from PassGo
Without SafeKeeping in place, this scenario could have a depressingly familiar outcome. Anything from having to rebuild a host from scratch without access to current configuration information, through to waking people up in an attempt to determine administrator account credentials.
SafeKeeping from PassGo Technologies offers a secure, automated mechanism to manage privileged and administrative credentials. Providing a mechanism for the secure release of passwords, automatically changing the passwords on the managed system in accordance with policies you control.
This ensures that the credentials are only ever known by the individuals who have requested them and at the time of need. Nobody else is in possession of the passwords at any time. Beyond this, passwords can be set such that they are automatically, yet randomly changed, behind the scene, thus ensuring that even compromised passwords have a limited use life.
Furthermore, SafeKeeping ensures that a strong password is utilized on the managed systems, eliminating the tendency to select ‘easy-to-remember’ passwords. Finally, SafeKeeping securely maintains a log of all password access requests, distribution, authorizations, automatic changes and more.
SafeKeeping offers choice and flexibility of implementation with three implementation options:
- Software only solution – Ultimate flexibility
- Hardware appliance solution – Rapid deployment
- Virtual Appliance solution – Best of both worlds
For more information contact sales@passgo.com or visit the microsite at safekeeping.passgo.com .
|
+44 (0) 1460 258300
+44 (0) 1460 258403
