BeyondTrust has released version 5.6 of PowerBroker Password Safe, our solution for automating privileged password and privileged session management. This new release features some exciting enhancements – especially around reducing the risk of third-party access, enabling secure cloud adoption, and mitigating risks via workflow enhancements. Read on for more. Reducing the risk of third-party access Often the weak link in the chain, remote access by third party vendors and contractors needs controlled network separation and activity monitoring. Many recent breaches have occurred due to attacks via vendor systems. Password Safe version 5.6 provides a secure connection gateway, with the ability to proxy access to RDP, SSH and Windows Applications, with no exposure to privileged credentials together with a fully audited recording of the session. Integrating with RemoteApp, the Password Safe application proxy allows any Windows application usage to be monitored and recorded. In addition, multiple authentication methods are available to automatically sign a user onto the application, using managed credentials. Examples of this include browser sessions, terminal emulators, and database management tools. Reducing cloud risk to enable adoption Many organizations are moving resources to cloud-based environments, and while management of these end-points are generally no different than on-prem hosts, the management interfaces to these critical environments are often left unmonitored with weak or uncontrolled password policies. Password Safe 5.6 allows the storage and session management for administrative credentials to Azure, Amazon, Google, Rackspace, and GoGrid, as well as social networks such as Facebook, LinkedIn and Twitter. With greater security around privileged access to these platforms, organizations can have greater assurance as cloud adoption grows. Mitigating breaches with advanced workflow control Permissions are often granted globally to individuals based upon job role, and do not take into account real-time risk factors such as location, day or time. Password Safe enables the dynamic assignment of just-in-time privileges via the new Advanced Workflow Control engine. Access policies allow fire call users logging in off-hours to only have access to fire call accounts, but the same credentials during working hours expose access to different resources with different workflow parameters. These same policies automatically tie into BeyondInsight Clarity to quarantine resources based on the active risk-profile in use. diagram_blog There are several more enhancements and new features in this release of PowerBroker Password Safe – including live session monitoring and active-active infrastructure support for high-availability deployments. Check out the new features document for a complete rundown, and if you would like to learn more about PowerBroker Password Safe, let us know!