BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    Use Cases and Industries
    See All Products
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Privilege Management for Windows Now Integrates with Password Safe, Plus Password Safe Introduces Team Passwords

October 13, 2020

  • Blog
  • Archive

BeyondTrust is pleased to announce the latest releases for two of our industry-leading products, Privilege Management for Windows (PMW) and Password Safe (PS) These releases reflect our commitment to innovation, portfolio integration, and listening to our customers. The newest Password Safe release also delivers on the #1 requested item on the BeyondTrust Ideas Portal.

Both of these product releases are immediately available.

What’s New in Privilege Management for Windows 5.7

Password Safe Integration

Enterprise password management and least privilege technologies each provide substantive benefits in controlling risk and improving user productivity, However, each solution by itself only solves for a slice of the privilege problem.

Without the use of an enterprise password manager like Password Safe, updating passwords for intermittent, remote, or mobile systems remains a challenge for organizations that need to conduct business while users are working remotely, and potentially off the network. In some instances, the only way for privilege management tools to properly elevate application privileges is to use a real username and password combination with administrator permissions. This then requires the distribution of these credentials to users, which undermines least privilege policies.

To overcome these obstacles, Privilege Management for Windows 5.7 now integrates with Password Safe 7.1 to create an industry-unique approach to addressing remote password changes and elevation of applications for real user credentials. The result is a process for account password changes at any time, in any location, and designed to overcome the limitations of network segmentation.

The integration of Privilege Management for Windows 5.7 with our enterprise credential vaulting solution, Password Safe, enables organizations to seamless solve for two challenging use cases, while unlocking many other synergies for customers. Here are two capabilities you can leverage when Privilege Management for Windows is used alongside Password Safe:

1. Local rotation of administrator and service accounts

For those Windows endpoints under Password Safe management that are not connected to the corporate network, Privilege Management for Windows introduces the ability to apply local account password rotations on behalf of Password Safe, via BeyondInsight. This use case helps organizations continue to manage credentials on endpoints for users who are working from remote locations. Based on a configurable heartbeat, PMW will check in with Password Safe to identify any account passwords that require rotation, apply the change, and verify that the change was successful.

Credential rotation performed via integration of Privilege Management for Windows with Password Safe

2. “Run As” Password Safe User

PMW 5.7 also adds the ability to run and elevate specific applications using credentials managed and protected by Password Safe. When enabled, Privilege Management for Windows will check out a pre-defined credential at the point that an application launched and pass the credential directly to the process. This capability significantly extends the concept of JIT privilege management by providing true hands-off access to service accounts, domain level credentials, and other privileged credentials. This ensures that the credentials are only used as part of a specific task and only accessed at the point the task is executed. For Developers, sysadmins, and DevOps, this feature provides the security of vaulting those highly prized accounts, AND the convenience of performing tasks in the appropriate context, without the need for manual intervention.

Run As Password Safe User

What’s New in Password Safe 7.1

Team Passwords

We are pleased to announce the availability of Team Passwords with the release of Password Safe 7.1. Team Passwords is a new feature designed to securely store credentials owned by small groups in a fully auditable, controlled environment. This feature is the #1 requested item on the BeyondTrust Ideas Portal and offers a valuable addition in extending secure password practices throughout your organization.

BeyondInsight home page now includes a Team Passwords tile

There are teams in your organization that must access accounts as part of their daily work. Examples of shared accounts include social media, customer relationship management (CRM), bank accounts, and more. Most of these accounts do not contain sensitive information, but in the wrong hands, could still cause damage to the organization. For example, a social media account accessed by unauthorized personnel has the potential to cause reputational damage, such as in the form of malicious posts.

Traditionally, most small groups with oversight over shared credentials have managed them manually in spreadsheets or written down, such as in sticky notes. Security-conscious organizations seek to provide management for these credentials locally to each team in a secure and auditable way.

How Team Password Management Works

Team Passwords adds a new Feature to Password Safe, which is assigned to groups in Users & Groups. Each Group with the feature represents a Team. Each Team gets their own isolated store where they can secure the credentials used within their team.

The creator of the credential becomes the Owner. Only the credential Owner can change the credential, while each member in the Team group can retrieve it. The Owner and Administrators can also reassign ownership of a credential within the team.

Team members can create a folder structure to organize their credentials. The solution delivers extensive search and filtering capabilities, helping teams get to the credentials they need quickly and effectively. All activity within Team Passwords is logged for auditing.

Team members can create a folder structure to manage team passwords

More about BeyondTrust Privilege Management for Windows & Mac and Password Safe Products

BeyondTrust Privilege Management for Windows & Mac (PMWM) is a preventative Endpoint Security solution that removes excessive admin rights, applies modern application control, enables passwordless administration, and gives users just enough privileges to do their jobs and be productive. The solution blocks the majority of malware and ransomware and protects against both external and internal threats. Utilizing QuickStart policies, organizations achieve rapid time-to-value, whether deploying the solution on-premises or via SaaS.

BeyondTrust Password Safe (PS) combines privileged password and session management to discover, manage, and audit all privileged credentials. Customers can scan, identify, and profile all assets for automated onboarding, ensuring no credentials are left unmanaged. The solution controls privileged user accounts, applications, SSH keys, cloud admin accounts, RPA accounts, and more. Password Safe also monitors and records live sessions in real time, with the ability to pause or terminate suspicious sessions. With BeyondTrust Password Safe, customers benefit from a searchable audit trail for compliance and forensics and can achieve and verify complete control and accountability over privileged accounts.

For more information, check out the What’s New documents for Privilege Management for Windows 5.7 and Password Safe 7.1, or contact us today.

LIndsay Marsh, Sr. Product Marketing Manager & Alex Leemon, Product Marketing Manager,

Lindsay Marsh is a Senior Product Marketing Manager at BeyondTrust, focusing on Endpoint Privilege Management since 2015. She has over 20 years of experience in IT and cybersecurity. She holds a BA in Business Administration/Marketing from the University of Phoenix. She can be found on LinkedIn and Twitter.

Alex Leemon is a Product Marketing Manager at BeyondTrust, focusing on Privileged Password & Session Management and Vulnerability Management solutions. She has over fifteen years of experience working with enterprise-level and Critical Infrastructure organizations solving safety and security challenges. Before joining BeyondTrust, Alex served in various roles related to the development of industrial control products and the Industrial Internet of Things (IIoT).

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Up next

From October 7, 2020:
BeyondTrust Expands Cloud Leadership with Password Safe v7.2
From October 14, 2020:
October 2020 Patch Tuesday

You May Also Be Interested In:

Whitepapers

Microsoft Vulnerabilities Report 2021

Whitepapers

A Zero Trust Approach to Windows & Mac Endpoint Security

Whitepapers

KuppingerCole Executive Review - BeyondTrust Endpoint Privilege Management

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.