Why Privileged Session Management is Not Optional

You wouldn’t buy a car without brakes - would you?

Getting control over privileged accounts and data is a big job with multiple steps— eliminating the sharing of as many privileged passwords as possible, implementing least privilege management in all of your environments (Windows, Unix, Linux, Mac), and utilizing privileged session management to monitor the activity of your privileged users, to name a few. Privileged session management gives IT security teams the tools they need to prevent malicious activity, like safely locking suspicious administrative sessions, and controlling session access based on the day, time, and their location. But most commercial PAM tools offer privileged session management as an add-on, as if it’s optional. It’s an expensive add-on, that just adds additional deployment complexity, and, as a result, the cost for many commercial PAM solutions leads IT teams to suffer from “PAM Sticker Shock.” IT security teams cannot afford to make privileged session management optional. You wouldn’t buy a car without brakes, so why would you even consider a privileged access management solution that didn’t include privileged session management? At BeyondTrust, we don’t think of our privileged session management capabilities as optional ‘bells and whistles’ – they’re an integral, fully-integrated part of our solution and included at no additional costs with PowerBroker Password Safe, our privileged password and privileged session management solution.

Why Integrated Password and Session Management?

PowerBroker Password Safe privileged session management uses standard desktop tools such as PuTTY and Microsoft Terminal Services Client, ensuring administrators can leverage commonly used management tools without the need for Java. With Password Safe, administrators can:

• Request RDP/SSH access to authorized systems only
• Start sessions instantly, or via workflow
• View any active privileged session, and if required, pause or terminate the session
• Use keystroke indexing and full text search to pinpoint data, and then log an acknowledgement of the review for audit purposes
• Blacklist and alert when SSH commands are invoked, even on network devices such as routers and firewalls
• Avoid Java – Password Safe is a client-less solution with no agents required on the server
• Fully integrate with native tools (MSTSC, PuTTY, MobaXterm etc.)
• Gain full video recording with 100% accountability
• Realize greater flexibility – deploy as a hardened appliance, virtual appliance, as software or in the cloud via Amazon

The integrated session monitoring capability helps you achieve your compliance and security objectives without the risks or complexity of Java or the cost of using additional third-party solutions. If you’re ready to invest in a privileged access management solution that won’t blow your budget with add-ons and extra fees, then consider Password Safe. To help you figure out how Password Safe stacks up to the competition, check out our cost comparison page, or contact us for a no-risk demo today.