Elevating Secrets Security with Shared Safes and Cloud Integrations

1. Shared Safes: A Smarter Way to Manage Secrets

The latest release implements a permissions and sharing model that enables least privilege access for increased security and operational productivity.

Shared Safes secures secrets across teams with granular and flexible permission sets that support multiple teams, each with varying levels of access, to the same set of secrets. This upgrade enhances flexibility and control by allowing both users and groups to co-own shared secrets, ensuring better collaboration and more secure access management. It also allows users to share access, while maintaining least privilege. This greatly reduces risk by delivering a secure audit trail of access, and it increases operational efficiency, while keeping within the organization’s guidelines for secrets access.

Key Benefits of Shared Safes:

• Granular Access Control: Admins must be explicitly granted permissions to access specific safes, reinforcing security best practices.
• Improved Visibility: A new "Show All Safes" toggle makes it easier to manage and oversee stored secrets.
• Faster Retrieval: Users can now search for secrets by ID, streamlining access to critical credentials.

By implementing these enhancements, organizations can better protect sensitive credentials, while enabling efficient and secure collaboration across teams.

2. Expanded Cloud Support: Azure Government & Google Cloud Integration

As cloud adoption grows, BeyondTrust continues to expand its capabilities to support more cloud environments. Password Safe version 24.3 introduces new discovery, onboarding, and management for Google Cloud Platform (GCP), with integrations for Microsoft Azure Government Cloud and Google Cloud Platform (GCP), as well as AWS and Entra ID, empowering organizations with expanded privileged identity management capabilities in the cloud.

Azure Government Cloud Support: Azure Gov Discovery, Onboarding, and Management

Password Safe now offers support for Microsoft 365 Government Community Cloud (GCC), allowing organizations to discover and manage identities within highly regulated GCC environments and facilitating the deployment of Password Safe in these settings. This integration allows users to utilize GCC identities to access BeyondInsight/Password Safe seamlessly. Additionally, Entra ID (formerly Azure AD) hosted in Microsoft Azure US Government is now supported, enhancing identity management and security for government entities.

Google Cloud Platform (GCP) Integration: GCP Discovery, Onboarding, and Management

As part of BeyondTrust’s Advanced Cloud Management initiative, Password Safe now extends full support to Google Cloud Platform (GCP). This capability enables:

• CGP account discovery and management
• GCP credential management: automated password rotation and policy enforcement
• Secure privileged access management (PAM) for GCP resources

Key Benefits of Expanded Cloud Support:

• Enhanced Government Compliance: Enables discovery and management of identities within Microsoft 365 Government Community Cloud (GCC) environments.
• Greater Cloud Flexibility: Supports Entra ID (Azure AD) in Microsoft Azure US Government, ensuring secure identity management in highly regulated industries.
• Seamless Multicloud Security: Extends privileged identity management to Google Cloud Platform (GCP) with automated account discovery, password management, and security enforcement.

Discovery, onboarding, and management for GCP further reduces risk introduced by cloud platforms by driving visibility, and by securing cloud identities and privileged data within GCP. By enabling this functionality across GCP, AWS, and Azure, Password Safe is fully featured across the three main cloud platforms. These integrations ensure organizations leveraging multicloud, cloud native, and hybrid environments can enforce security policies consistently and easily across their infrastructure.

3. Active Directory Synchronization for Better Asset Management

Organizations using Active Directory (AD) to manage users and assets will benefit from new system description synchronization capabilities in Password Safe 24.3. Now, admins can manually create assets with descriptions, which are automatically synchronized from Active Directory into the Password Safe user portal through Directory Query-based Smart Rules.

This enhancement improves asset tracking and administration, ensuring IT teams have greater visibility and streamlined access to consistent, accurate, and up-to-date information on critical resources across systems.

Key Benefits of AD Synchronization:

• Better Asset Management: Ensures asset descriptions remain consistent with directory data.
• Reduced Administrative Overhead: Automates synchronization, minimizing manual updates.
• Improved Compliance: Maintains accurate records for security audits and compliance requirements.