• Site Map
• Contact Us

• Home
• Our Company
  • Customers
  • Careers
  • Contact Us
  • RSS & Blogs
• Products
  • Identity Manager
  • Password Manager
  • Group Manager
  • Privileged Password Manager
  • Download evaluation
  • Releases
  • CC Certification
• Solutions
  • Security, Governance and Regulatory Compliance
  • Reduce IT Support Cost
  • Improve User Service
• Support
  • Shipping products
  • Supported versions
  • Customer Portal
  • Create Incident
• Services
  • Solution Delivery Services
  • Solution Delivery Process
  • Education
  • Upgrades
  • AdMax Program
  • Outsourced IdM Administrator Service
  • Guarantee
• News &  Events
  • Press Releases
  • Press Coverage
  • Upcoming Events
  • Archived Webinars
• Resource Center
  • White Papers
  • Independent Reviews
  • Brochures
  • Slide Decks
  • Case Studies
  • Regulatory Compliance
  • Certifications
  • Community
• Partners
  • Technology Partners
  • Certified Resellers
  • System Integrators and Consultants
  • Managed Service Providers
  • Public Sector
  • Partner Portal
  • Partner Programs

Security Privileged Password Management

  

Privileged Password Management

Many organizations have insecure processes for managing privileged passwords -- local IDs and passwords embedded in servers, workstations and applications with elevated privileges. Inappropriate disclosure of these passwords would lead to serious security compromise:

• Hundreds or thousands of workstations and servers often share the same administrator credentials. If one device is compromised, all are compromised.
• With thousands of workstations and servers, it is difficult or impossible to ever change these passwords. Privileged passwords remain the same for months or years, creating an extended window of opportunity for an attacker to crack them.
• If privileged passwords are rarely changed, as IT staff turn over, ex-staff retain access to sensitive systems.

Hitachi ID Privileged Password Manager is designed to address the challenges posed by management of thousands of privileged passwords:

1. Each privileged password is changed regularly -- usually once per day.
2. Privileged passwords are set to random strings. No two are ever alike and no single privileged account gets the same password twice.
3. IT staff are authenticated, personally, before gaining access to administrator accounts such as Unix/root or Windows/Administrator.
4. Programs that require access to sensitive passwords are authenticated, using a one-time-password and their IP subnet, before being granted access to a password.
5. Access control rules and a workflow authorization engine determine whether a given IT user or program may access a given password.
6. Audit logs track password disclosure, creating accountability.

© Hitachi ID Systems, Inc. . All rights reserved.