Privileged Remote Access Version 20.2 Delivers Workflow, Vault, & New Vendor Onboarding Enhancements

BeyondTrust has just launched version 20.2 of our Privileged Remote Access solution, which empowers IT teams to control, manage, and audit remote privileged access by authorized employees, contractors, and vendors—without compromising security. With Privileged Remote Access, organizations can enforce least privilege, exert granular control and visibility, and layer on advanced credential security over remote access for both insiders and third parties.

The latest release includes a number of enhancements and new, market-leading capabilities that improve usability, automation, and reporting.

Here’s a brief round-up of what’s new with the release of version 20.2.

Vendor Onboarding

IT teams want to quickly get tools into the hands of vendors and employee, but onboarding new vendors or suppliers can be a time-consuming and repetitive process – one that’s ripe for automation. With Vendor Onboarding, we have securely eliminated manual overhead of managing vendor teams and users by delegating portions of the vendor user administration to trusted sub-admins/vendor admins. This not only helps eliminate shared accounts, it also provides an easier path to adding new vendor users as they onboard.

With this release, administrators can delegate the management of vendor and internal users to a trusted vendor administrator, or another internal user. Administrators will now be able to create a new Group Policy type to better onboard and manage vendor or other users. Once the PRA Admin defines the policy settings for the new Group Policy and assigns a Vendor Admin to that policy, the Vendor Admin can manage the onboarding and offboarding of managed users for the specified policy.

Additionally, Notification and Approval workflows are available for the User onboarding process. This functionality decreases the manual administration requirements of vendor management, while also delivering a quicker path to access for new users.

Linux Jumpoint

BeyondTrust Jump Technology enables privileged users to connect to an unattended remote system to start a session—without end-user assistance. Dependent upon the user’s permissions, the user may access any computer on their LAN/VPN or on a network with a Jumpoint agent. In this release, we are introducing Jumpoint support for Linux installs. In the past, our Jumpoint technology could only be deployed on Windows-based OS’s. Linux Jumpoints support RDP and SSH sessions in this release.

​ Outbound Proxy Support

Proxy servers act as a firewall and web filter, provide shared network connections, and cache data to expedite common requests. Proxy servers can provide a high level of privacy and security for the user’s network. In this release, we have added the ability to use a proxy to send outbound events to a single destination instead of needing to open communication directly to other applications. This feature allows admins to control the dataflow for the information they are sending off the appliance. This security function on the appliance is only for outbound events and Jump Item ticket ID authorization requests.

Vault Enhancements

Our Privileged Remote Access solution includes a cloud-based credential management tool delivered, managed and hosted by BeyondTrust. Leveraging the cloud to manage privileged credentials makes the process simpler and more cost-effective for businesses. Our cloud-native solution can manage over 5,000 windows credentials and can store up to 10,000.

Vault Administrators can now organize Vault Accounts into Account Groups, providing a better management experience for Vault Admins. Vault Admins can now assign Account Groups to Group Policies, rather than only to individual Vault Accounts. Additionally, Vault Accounts can be assigned to an Account Group during the Import process.

The Privileged Remote Access Vault has been enhanced to include a simple and efficient automated method to rotate user-selected groups of credentials, or all Vault credentials at one time. This greatly simplifies management of large numbers of credentials.

With this release, all Privileged Remote Access users can utilize the Vault functionality to create private Generic Accounts in their own private Vault. This enables users to manage their own Vault Accounts privately for use during Privileged Remote Access sessions.

Vault Accounts are also now automatically associated with endpoints, providing a better user experience when injecting credentials into Privileged Remote Access sessions. This requires Admins to use the Vault Discovery and Import functionalities in order to bring the Accounts and Endpoints under Vault management. Once under Vault management, the credential-to-endpoint association will occur automatically for the relevant Jump Items. Users will now be presented with these associated Vault Accounts when undergoing credential injection during session initiation.

Deployment

BeyondTrust secure remote appliances offer a centralized platform for access control and session management. BeyondTrust helps you keep sensitive data behind your own firewall, under the trusted security measures you already have in place. Our cloud, virtual, and physical appliances models help enterprise organizations address regulatory and security requirements. We offer 4 deployment options for privileged remote access:

• On-premise
• IaaS (Infrastructure as a Service)
• SaaS (Software as a Service)
• Hybrid (a combination of all)

Learn More About Privileged Remote Access

The new features and enhancements with version 20.2 broaden what’s already possible with BeyondTrust’s Privileged Remote Access, helping you control, manage, and audit vendor and internal remote privileged access.

Ready to experience the most secure solution for enabling remote access to vendors and employees? Contact us today, or learn more here.