The Problems with Passwords: Personal, Privileged and Private
By: Furkan Kırmacı
When a single user within an enterprise, for example, a systems analyst, requires privileges beyond the typical individual account, managing and auditing activities can become convoluted. Even when there is no harm intended, systems may be breached and fall out of compliance, especially in heavily regulated industries.
Managing this, especially in organizations with hundreds, or thousands, or even tens of thousands of Privileged Access Management employees or contractors, is nearly impossible without some form of automation and intelligence.
Ironsphere’s Dynamic Password Controller is a password vault that stores and rotates ssh keys and passwords of privileged accounts (admin, system, root, etc.) centrally and securely to address these challenges.
Our large enterprise clients have simplified their workflow while also ensuring security, compliance, and efficient audit trail and reporting, with a simple two-step process for end-users:
- Users log in with their personal accounts, check out the credentials of a privileged account and then use it to connect to target endpoints.
- Our Dynamic Password Controller generates searchable log records and audit trails to meet security and compliance requirements.
This breakthrough solution takes control of device and database passwords, providing security while sustaining efficiency.
Today we published an updated Solution Brief detailing the features and benefits of our solution, which at a high level supports local user accounts on:
- Operating Systems: Windows/Linux/Unix
- Databases: Oracle, PostgreSQL, MsSQL, etc.
- Devices and Appliances with CLI interface
- Applications with password change API
Technical admin users remotely access servers, hosts, and devices directly using privileged accounts in the course of their daily administration and maintenance operations, such as configuration changes, troubleshooting, upgrades, and backups.
Such user activities pose security threats for organizations, such as credential theft and privilege abuse, due to the lack of accountability, visibility, and excessive privileges.
To learn more about how Ironsphere has solved one of the greatest challenges IT teams face by addressing accountability, visibility, excessive privileges, stale passwords, trust-based processes, and more, download the new solution brief here.
Our Dynamic Password Controller solution is part of our advanced Privileged Access Management platform, which provides centralized, unified, and intelligent management of privileged accounts. Accounts are stored securely and encrypted in a digital vault, and passwords are auto-changed (rotated) regularly.
When a user needs privileged credentials to perform essential IT operations, the user can retrieve them from Ironsphere’s digital vault after ensuring that he/she really is who they claim to be, and the operation is a legitimate business activity.
We have all found ourselves in a different world of work given the events that have defined 2020, and few professionals are feeling the pressure more than IT and OT teams.
Just as cyber risks evolve, the evolution of risk appetite frameworks is more active than ever. With more sophisticated adversaries, more digital transformation initiatives, more mobile works, ecosystem partnerships and connectivity to multiple clouds and services, enlightened management teams and their boards are updating their levels of “risk tolerance.”
Two-factor authentication has been around for decades – requiring an additional step between entering a username and password, for example, then entering a one-time security code sent to a mobile device – to access applications, systems and data.